Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.

3Com launches revolutionary vulnerability discovery program, setting the clock back on zero day attacks

  • 26 July, 2005 10:54

<p>Security Research Used to Ensure the Most Rapid and Efficient Protection Against Emerging Threats</p>
<p>Sydney Australia – 26 July 2005 – 3Com and its TippingPoint division today announced the formation of the Zero Day Initiative (ZDI), aimed at ensuring the responsible disclosure of security flaws, also known as vulnerabilities, in order to make technology more secure for users. The goal of the zero day initiative is to proactively protect businesses as soon as possible against newly discovered vulnerabilities.</p>
<p>As part of the program, 3Com will reward security researchers who responsibly reveal information on newly discovered vulnerabilities, as opposed to publicly posting the potentially harmful information, catching businesses and vendors off-guard and unprotected. 3Com will notify affected vendors of security flaws so they can immediately begin working on a solution, most often in the form of a patch. The vulnerabilities will only be disclosed publicly by 3Com once the affected vendor is able to offer a solution to end users, mitigating the threat. 3Com will also use the information to provide preemptive protection to customers through its TippingPoint Digital Vaccine® service. Additionally, 3Com plans to share vulnerability details freely with other security vendors prior to public disclosure.</p>
<p>“Through this program, we seek to ensure that newly discovered vulnerabilities are managed, disclosed and remediated responsibly, so they don’t pose a threat to businesses,” said 3Com Chief Technology Officer, Marc Willebeek-LeMair. “The sooner we have information about a vulnerability, the sooner we can deliver protection to our customers. Ultimately, this benefits everyone: security and technology vendors, security researchers, end users, as well as 3Com and its TippingPoint division customers.”</p>
<p>Vulnerabilities enable attackers to gain control of a system for malicious purposes. They can also result in worms or Denial of Service attacks, which can bring down entire networks. Zero day disclosure occurs when the discoverer of the vulnerability discloses the flaw to the public without notifying the vendor, putting businesses at risk from the time of disclosure until the affected vendor issues a patch. It can take vendors weeks or months to supply a patch.</p>
<p>Intrusion Prevention Systems (IPS), like TippingPoint’s, are one of the few methods of proactive protection. In addition to reducing industry-wide security risks, obtaining advanced information on vulnerabilities enables 3Com to offer its TippingPointTM IPS customers even more preemptive protection than currently provided through the TippingPoint Digital Vaccine update service.</p>
<p>“Our world-class security research team is already on the forefront of the industry, well ahead of the game when it comes to providing advanced vulnerability protection,” said David Endler, Director of Security Research for 3Com’s TippingPoint division. “This program will extend our research organisation even further, and enable us to tap some of the most brilliant minds in the global security research community. Prior to the availability of a vendor-supplied solution or patch, our customers will be protected against threats they aren’t even aware of through our Digital Vaccine service.”</p>
<p>Many security researchers want to be recognised for their discovery, but they don’t always achieve that in a responsible manner. With this program, the researcher is recognised for the discovery when the vulnerability is publicly disclosed with the vendor’s patch.</p>
<p>“3Com’s initiative is a positive step for the industry,” said In-Stat Research Analyst Victoria Fodale. “Viruses or worms that take advantage of vulnerabilities that vendors are not yet aware of can be devastating to an organisation. Both vendors and customers stand to benefit from this program. 3Com and its TippingPoint division are to be commended for taking this leadership position.”</p>
<p>For more information, please visit</p>
<p>About TippingPoint, a division of 3Com</p>
<p>TippingPoint, a division of 3Com, is the leading provider of network-based intrusion prevention systems. The TippingPoint IPS the most decorated in its industry. For a full list of awards, visit Our innovative approach offers customers unmatched network-based security with unrivaled economics, ultra-high performance, scalability and reliability. TippingPoint is based in Austin, Texas, and can be contacted through its Web site at or by telephone at 1-888-TRUE-IPS.</p>
<p>About 3Com Corporation</p>
<p>3Com Corporation (NASDAQ: COMS) is a leading provider of secure, converged voice and data networking solutions for enterprises of all sizes. 3Com offers a broad line of innovative products backed by world class sales, service and support, which excel at delivering business value for its customers. Through its TippingPoint division, 3Com is the leading provider of network-based intrusion prevention systems that deliver in-depth application protection, infrastructure protection, and performance protection for corporate enterprises, government agencies, service providers and academic institutions. For further information, please visit, or the press site</p>
<p>Copyright © 2005 3Com Corporation. 3Com, the 3Com logo and Digital Vaccine are registered trademarks and TippingPoint is a trademark of 3Com Corporation. All other company and product names may be trademarks of their respective holders.</p>
<p>For further information, please contact:
Felicity Harrigan
Red Agency
(+61) 02 9955 7877</p>

Most Popular