TELUS Vulnerability Research Services provide a range of services focused on security vulnerability research and engineering. Our offerings provide both the industry's best response time for early warning of emerging threats, and in-depth, lab-based analysis of vulnerabilities based on disassembly, protocol analysis, and source analysis. Our vulnerability data enables security product vendors to deliver product updates (signatures, filters, scripts) without the need for additional research, and empowers MSPs and enterprise security teams with tools and knowledge to more effectively protect their environments.

TELUS delivers detailed, factual content to our subscribers includes:

• The industry's best response time for early warning of emerging threats
• Complete information regarding the internal technical mechanism of vulnerabilities and threats
• Details for both network-based and host-based detection of any possible attack attempting to exploit a vulnerability
• Details for accurate network-based and host-based differentiation between systems that are vulnerable and those that are not
• Sample exploit code authored by TELUS
• Packet captures of both baseline traffic and attack cases
• Full cross-references to vendor advisories, CVE, and third-party databases

A dedicated team of experienced information security professionals focused exclusively on security vulnerability engineering delivers these services. Team members validate and reproduce reported security vulnerabilities (supporting all major operating systems, platforms, and enterprise products), develop detection signatures and filters for network-based and host-based IDS and IPS systems, create probes and scripts for vulnerability assessment tools, and develop custom security tools. In addition, the VR Team performs original research on a contract basis.

TELUS principal Vulnerability Research offerings include: Vulnerability Research Subscription feeds for security product vendors, for managed service providers, and for enterprise security teams, which provide near real-time coverage for the most severe security vulnerabilities in software products and networking devices, and the Vulnerability Research Database, containing detailed information on historical vulnerabilities.