Scribd Logo
Upload

Welcome to Scribd!

  • VDP Fact Sheet: VDP-Questions@dc3.mil

    Uploaded by

    AYUB METAH
    26 views2 pages
    The Vulnerability Disclosure Program (VDP) was established in 2016 to strengthen cybersecurity on the Department of Defense Information Network (DoDIN) through crowdsourced vulnerability research. The VDP acts as a single point of contact for private sector researchers to disclose vulnerabilities, improving defenses and ensuring the DoD's mission success. By welcoming vulnerability reports, the program aims to increase the DoDIN's security and allow vulnerabilities to be addressed before exploitation.

    Original Description:

    Original Title

    VDP_Fact Sheet_2019

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The Vulnerability Disclosure Program (VDP) was established in 2016 to strengthen cybersecurity on the Department of Defense Information Network (DoDIN) through crowdsourced vulnerability research. The VDP acts as a single point of contact for private sector researchers to disclose vulnerabilities, improving defenses and ensuring the DoD's mission success. By welcoming vulnerability reports, the program aims to increase the DoDIN's security and allow vulnerabilities to be addressed before exploitation.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    26 views2 pages

    VDP Fact Sheet: VDP-Questions@dc3.mil

    Uploaded by

    AYUB METAH
    The Vulnerability Disclosure Program (VDP) was established in 2016 to strengthen cybersecurity on the Department of Defense Information Network (DoDIN) through crowdsourced vulnerability research. The VDP acts as a single point of contact for private sector researchers to disclose vulnerabilities, improving defenses and ensuring the DoD's mission success. By welcoming vulnerability reports, the program aims to increase the DoDIN's security and allow vulnerabilities to be addressed before exploitation.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    UNCLASSIFIED

    VDP FACT SHEET


    Established in 2016 by the Secretary
    of Defense, the Vulnerability Disclosure
    Program (VDP) operates to strengthen
    the security of the Department of
    Defense (DoD) Information Network
    (DoDIN) by providing an additional
    layer to the defense-in-depth
    cybersecurity strategy.
    Our mission is to act as the single DoD focal point for receiving
    crowdsourced cybersecurity vulnerabilities on the DoDIN
    to improve network defenses and enhances mission assurance
    by embracing a previously overlooked yet indispensable
    resource; private-sector white hat researchers. The success
    of the program relies solely on expertise and support VDP Cyber Intel Vulnerability Specialist validating a
    submission from our security research community.
    from the security researcher community which contributes
    to the overall security of the Department.
    DoDIN information technologies, services, and systems
    provide critical capabilities to all military service members, “ VDP provides the
    their families, veterans, DoD civilians, and contractors.
    Ultimately, VDP will drive an increase in the DoDIN’s cyber DoD community
    hygiene with the objective of ensuring that the DoD can with an independent,
    accomplish its mission to defend the United States of America.
    world-class team to
    identify and help
    mitigate their
    Cyber-based
    vulnerabilities by
    leveraging capability
    of ethical hackers from
    around the world ”
    —VDP

    VDP-Questions@dc3.mil @DC3VDP, @DC3Forensics


    @DC3 Cyber Crime Center
    UNCLASSIFIED
    UNCLASSIFIED
    Vulnerability Disclosure Program (VDP)

    CAPABILITIES
    The DoD Vulnerability Disclosure Program:
    • Key component of the National Cyber
    Strategy, Pillar II, by promoting full-
    lifecycle cybersecurity through the use
    of coordinated vulnerability disclosure,
    crowd-sourced testing, and risk
    assessments that improve resiliency
    ahead of exploitation or attack.
    • Enhances the partnership between
    the DoD and the computer security
    researcher community building a
    positive feedback loop to enhance
    the Department’s security through the
    speedy discovery and remediation of
    vulnerabilities.
    • Reduces the time between when a
    vulnerability is discovered, when the
    system owner is notified, and when the
    vulnerability is successfully mitigated.
    • Provides an open channel and legal safe harbor for the discoverer of the vulnerability to report it
    to the DoD.
    • Facilitates the National Defense Strategy LOE “Build a More Lethal Force” by increasing the
    resilience of the Department’s cyberspace assets.
    • Aligns with ISO 29147:2018 and ISO 30111.

    Photo by Soumil Kumar from Pexels

    VDP-Questions@dc3.mil @DC3VDP, @DC3Forensics


    @DC3 Cyber Crime Center
    UNCLASSIFIED

    You might also like