DIB-Vulnerability Disclosure Program
DIB VDP Program

Press Release    DIB-VDP Myte Byte    DIB-VDP Information Sheet PDF

Executive Summary:

  • The Department of Defense (DoD) Cyber Crime Center (DC3) and Defense Counterintelligence and Security Agency (DCSA) have begun the strategic alignment and technical facilitation necessary to establish a fully operational vulnerability disclosure program supporting the Defense Industrial Base (DIB).
     
  • This strategic alignment will further enhance DC3 and DCSA support to the DIB in the vulnerability, analytical, cybersecurity, and cyber forensics domains.
     
  • These efforts will institutionalize lessons learned during the successful 2022 pilot program, which focused on delivering a DoD/DC3 vulnerability disclosure capability to the DIB.

Onboarding Instructions:

  1. Please fill out the Participation Request Form and return to AFOSI.DC3.DIB-VDP@us.af.mil. As the DIB-VDP team works through your Participation Request Form please feel free to proceed with step 2. 
  2. ​Select and download  DIB-VDP Enrollment folder (zip file)
  3. Please complete the forms provided within the Enrollment folder. If your company needs assistance please contact us at AFOSI.DC3.DIB-VDP@us.af.mil
  4. After completing the form, please email the forms back to AFOSI.DC3.DIB-VDP@us.af.mil

DIB-VDP Historical Pilot

The Defense Industrial Base Vulnerability Disclosure Program (DIB-VDP) Pilot is a 12-month voluntary event established collaboratively by DC3’s DoD Defense Industrial Base Collaborative Information Sharing Environment (DCISE), DoD Vulnerability Disclosure Program (DoD VDP), and the Defense Counterintelligence and Security Agency (DCSA).

The DIB-VDP Pilot was born out of the desire to bring the lessons learned by the DoD VDP to DIB companies based on the strong recommendation from Carnegie Mellon University Software Engineering Institute (SEI) DIB-VDP Feasibility Study.

DIB-VDP Pilot Final Report (March 2024)