VUPEN works closely with governments and major corporations to reduce their exposure to zero-day attacks and to address the security risks emanating from cyberspace. Frost & Sullivan recently recognized VUPEN as the leading provider of exclusive vulnerability research.

The number of targeted and sophisticated cyber attacks taking advantage of zero-day vulnerabilities affecting widely deployed software (e.g. Internet Explorer, Adobe Acrobat/Reader, etc) is significantly increasing. Recent attacks such as Aurora and Stuxnet have demonstrated the need for governments and major corporations to leverage the most advanced security intelligence to protect their critical infrastructures, networks and assets against 0-Day exploits.

Major software vendors such as Microsoft and Adobe usually take 6 to 9 months to release a security patch for a critical vulnerability affecting their products, and this long delay between the discovery of a vulnerability and the release of a patch creates a window of exposure during which criminals can rediscover a previously reported but unpatched vulnerability, and target any organization running the vulnerable software.

To respond to this challenge, VUPEN shares its exclusive vulnerability research intelligence with governments and major corporations under NDA (Non-Disclosure Agreement) while always following a responsible disclosure policy.

VUPEN Threat Protection Program (TPP) aims to deliver exclusive and highly technical research reports and attack detection guidance for undisclosed vulnerabilities discovered in-house by VUPEN researchers, providing timely, actionable information and guidance to help mitigate risks from unknown and critical vulnerabilities or exploits. This is a proactive approach to aid governments and corporations in making decisions in response to potential threats on a real-time basis and in advance of public disclosure, applying appropriate protective actions and maintaining a secure environment while the affected vendor is working on a patch.