Department of Defense Cyber Crime Center (DC3) > Missions > Vulnerability Disclosure

DIB-Vulnerability Disclosure Program

About Us

The Defense Industrial Base Vulnerability Disclosure Program (DIB-VDP) is a voluntary program, established collaboratively by the Department of Defense Cyber Crime Center's (DC3) DoD Defense Industrial Base Collaborative Information Sharing Environment (DCISE), DoD Vulnerability Disclosure Program (DoD VDP), and the Defense Counterintelligence and Security Agency (DCSA). Designed to assist defense contractors in identifying and mitigating software vulnerabilities within internet-facing systems by reducing the DIB and DoD’s attack surface before our adversaries can exploit them.

DIB-VDP Information Sheet (PDF) Download Summit Slides for Website (PPT)

Why DIB-VDP

Safe Harbor

Support, NOT tattle

100% Free

The program is completely free

Streamlined

Designed for ease

Common Questions

Are companies still protected under anonymity? +

Yes.

Is there a contractual agreement with a third-party program? +

Yes.

How successful was the initial pilot? +

Throughout a 12-month period, the DIB-VDP Pilot enrolled 41 companies, and 103 vulnerabilities were reported to the DIB system owners.

Can my company participate?+

Defense Industrial Base companies are welcome

Onboarding Instructions:

We are pleased to welcome you to our program.

To begin the onboarding process, please follow the link provided below:

https://dibvrmn.dc3on.gov/

For detailed, step-by-step instructions, you may download the onboarding guide in PDF format here:

DIB-VRMN Participant User Guide 2.0

Should you experience any difficulties or require further assistance, please do not hesitate to contact our team at AFOSI.DC3.DIB-VDP@us.af.mil. We are committed to ensuring a smooth and successful onboarding experience.