Melissa Vice on the value of vulnerability disclosure programs

The Department of Defense Cyber Crime Center (DC3) operates a Vulnerability Disclosure Program (VDP) that handles critical cybersecurity issues reported by the public, including using an actual red phone for urgent matters. In the latest episode of WE’RE IN!, Melissa Vice, director of DC3’s VDP, describes how they respond to cyberthreats and collaborate with other groups within the center, such as the Operation Enablement Directorate and cyber forensics laboratory. 

Tune in to hear how the program, which began in 2016 following a successful bug bounty event, has processed over 53,000 reports, 56% of which were actionable, and resulted in nearly 30,000 remediated vulnerabilities.

Listen to learn more about:

Why VDP has been recognized by the government as a reliable and economical cybersecurity strategy 

How Melissa and her team handled the notorious Log4j vulnerability

How DC3 has explored the use of AI and machine learning to enhance capabilities and scale operations