|
Evaluate risks
and protect corporate assets against vulnerabilities
During the last few years, a
significant increase of attacks
exploiting vulnerabilities in commonly
used programs such as Microsoft
Internet Explorer or Adobe Acrobat is being observed. This is
currently the primary initial
infection vector used to compromise
computers that have Internet access.
Additionally, in today's open communications environment, Supervisory Control And Data Acquisition (SCADA) industrial control systems (ICS) systems are now highly network-based and use common standards for communication protocols. This connectivity exposes network assets to cyber infiltration and subsequent manipulation of sensitive operations.
Although there are many ways to
protect against cyber attacks and
threats, corporations need to leverage
the most detailed security
intelligence to evaluate risks, and
protect critical infrastructures and
assets.
VUPEN Security provides in-depth binary analysis
of the most
significant public vulnerabilities
based on disassembly, reverse
engineering, protocol analysis, and
code audit. The service allows
corporations and MSSPs to supplement
their internal research efforts and
keep ahead of the latest threats.
Only Available for Recognized
Corporations and MSSPs
Because of
the
sensitive
nature of
the
information
provided
through
this
service,
VUPEN
Security
has
defined
strict
eligibility
criteria
for
participants.
VUPEN
Security
solely
reserves
the right
to
determine
whether an
organization
or
corporation
meets the
criteria.
Eligible
organizations
are
Worldwide
Corporations
and MSSPs
(Fortune
1000,
Finance,
Technology,
Research)
VUPEN Binary Analysis & Exploits
Service includes:
 |
|
In-Depth Binary Analysis of
Vulnerabilities
In-depth technical analysis including
description of the root cause of the
vulnerability, assembly code, registers, code flow paths and branches
In-depth description of the affected
protocols or involved file formats
Exploitation techniques, reliability,
mitigations
and limitations
Detection
guidance (exploit-based and
vulnerability-based detections)
Deep references (links to third party
articles, specifications, formats) |
| |
|
|
 |
|
Exploits & Proof-of-concept Codes
VUPEN develops and provides exploit
codes or PoCs which allow
corporations to:
Perform regular penetration and
security
testing
using commercial-grade exploits
Identify real and exploitable threats
within
their infrastructures, systems and
networks
Evaluate the effectiveness of existing
security
policies, protections and patches
Distinguish real threats from false
positives, and prioritize resources
Achieve and maintain compliance and
regulations e.g.
PCI
or
ISO 27001 |
| |
|
|
 |
|
Packet Captures
Additionally to exploits and/or PoCs
which allow subscribers to replicate
potential attacks,
VUPEN also provides packet captures (pcap)
of the involved exploit to easily replay packets |
| |
|
|
 |
|
Technical Support
As a subscriber, you will also
have a direct access to the VUPEN
Vulnerability Research
Team, the most active security team in
the world. |
Why subscribe to this service?
With 20
to 25 binary analysis and private
exploits/PoCs released each month, the
VUPEN In-Depth Binary Analysis and
Exploits service allows corporations to quickly and easily
evaluate risks related the most recent
vulnerabilities, and protect their
infrastructures and assets against critical
vulnerabilities before
being exploited in the wild.
|
