The number of targeted and sophisticated cyber attacks taking advantage of unpatched vulnerabilities in major software is significantly increasing. Recent attacks have demonstrated the need for governments to leverage the most advanced security intelligence to protect national infrastructures and assets.

Major vendors usually take 6 to 9 months to release a security patch for critical vulnerabilities affecting their products, and this long delay between the discovery of a vulnerability and the release of a patch creates a window of exposure during which criminals can rediscover a previously reported but unpatched vulnerability, and target any organization running the vulnerable software.

To respond to this challenge, VUPEN Security has decided to share its vulnerability research information with a limited number of governments under NDA (Non-Disclosure Agreement) while always following a responsible disclosure policy.

VUPEN Threat Protection Program (TPP) aims to deliver exclusive research reports and attack detection guidance for undisclosed vulnerabilities discovered in-house by VUPEN Security researchers, providing timely, actionable information and guidance to help mitigate risks from unknown vulnerabilities or exploits. This is a proactive approach to aid governments in making decisions in response to potential threats on a real-time basis and in advance of public disclosure, maintaining a secure environment while the affected vendor is working on a patch (as the vulnerabilities are responsibly reported to the affected vendors under contract with VUPEN).

Only available for Governments and Law Enforcement Agencies in countries members of NATO, ANZUS, ASEAN.

Because of the sensitive nature of the information provided through this service, VUPEN Security has defined strict eligibility criteria for participants. VUPEN Security solely reserves the right to determine whether a government or law enforcement agency meets the criteria.