Department of Defense Cyber Crime Center (DC3) > Vulnerability Disclosure

The DoD Vulnerability Disclosure Program (VDP) leverages the experience and knowledge of ethical hackers from around the world to improve network defenses and enhance mission assurance.

VDP Overview

DC3 was assigned by the Secretary of Defense to be the DoD focal point for receiving vulnerability reports and interacting with researchers consistent with DC3's existing information sharing responsibilities as a Federal Cybersecurity Center.

VDP Fact Sheet VDP Bug Bytes VDP Annual Reports

The VDP provides an independent assessment of DoDIN security and defensive measures by identifying:

Vulnerabilities not found by existing red-team and automated efforts
Non-compliance with cyber security guidance
Training deficiencies

Contact Us

General VDP Questions:

VDP-Questions@dc3.mil

This link is not to be used to report

vulnerabilities on DoD networks
and systems.

VDP Policy & Reporting

To read the DoD Vulnerability Disclosure Policy and to submit a vulnerability report:

Submit Vulnerability Report