Our Vulnerability Research Team (VRT) is vigilant in the quest to root out any vulnerabilities that pose a danger to our clients.

DDI’s VRT actively works to find new zero day vulnerabilities utilizing the company’s hybrid cloud platform, FrontlineVulnerability Manager (Frontline VM).  Additionally, we listen to our clients who report problems their vendors cannot solve and perform due diligence on the investigation of any issues, helping them to continuously safeguard their networks.

We pinpoint network flaws as part of your DDI managed service by reviewing results of generic vulnerability detections.

When new vulnerabilities are discovered by our VRT, the flaws are responsibly disclosed according to DDI’s industry standard disclosure policy. VRT works closely with vendors to ensure they are aware of the issue, can validate and quickly provide a fix. DDI users are also the first to know, so affected users can accelerate remediation.

DDI is proud to provide the analytic expertise necessary to quickly identify zero-day issues, improving the security posture of organizations across the globe. Our VRT has released multiple vulnerability disclosures, including those within widely used platforms.

Stay up to date on the latest Zero-Day Discoveries

by DDI’s Vulnerability Research Team.

Get Access to details of the vulnerabilities and patches to quickly shore up your network security.

Sign Up Today

“Our team continues to uncover zero-day vulnerabilities, which demonstrates the power of our technology and excellent research capabilities,” states Larry Hurtado, DDI president and CEO. “Our commitment is to stay one step ahead of cybercriminals to ensure the utmost security of our clients and to make the general community aware of issues that could potentially threaten their security.”

-Larry Hurtado, DDI president and CEO

Zero-Day Vulnerabilities
Discovered by Digital Defense, Inc.

Palo Alto Migration Tool

Digital Defense, Inc. found two security issues inside the Migration Tool.

SOLARWINDS® Storage Manager Server “LoginServlet”

Digital Defense, Inc. disclosed a vulnerability that could allow an attacker to extract sensitive information from the backend database using standard SQL injection exploitation techniques.

Lenovo Network Storage Devices

Digital Defense, Inc. discovered a vulnerability, which resides in Lenovo® network storage devices, can potentially be exploited by an attacker to gain unauthorized remote read-only access to network-attached storage (NAS) shares.

Dell EqualLogic Storage Solution

Digital Defence, Inc. announced a zero-day finding which resides in the Dell EqualLogic solution that a remote unauthenticated attacker could potentially leverage the vulnerability to retrieve system files.

NovellGroupWise®

Digital Defense, Inc. discovered a previously undocumented vulnerability which affected multiple Novell GroupWise® agents. A malicious attacker could potentially leverage this flaw to retrieve files with the privileges of the vulnerable agent(s).

IBM® WebSphere® Application Server

Digital Defense, Inc. discovered a vulnerability within the IBM WebSphere Application Server Administrative Console.

KnowledgeTree™ Online Document Management System

Digital Defense, Inc. discovered a vulnerability within the embedded web server on the HP JetDirect Printer. This flaw could allow an attacker to see files that have been recently printed, capture credentials from the system, or conduct other malicious acts.