TELUS TPP is a unique tool that addresses the limitations of traditional security alerting services. Standard alerting services merely republish information collected from third party sources. Their information is not validated by independent technical analysis and they lack crucial insight into safe fast remediation options.

TELUS TPP addresses these gaps by providing verified information based on TELUS in-house research, tools for protection verification, and broader coverage to include spyware and malware issues.

The TELUS Threat Protection Program deliverables include:

• Threat Alerts, customized to an individual user’s environment and delivered with the industry's best response time through the powerful TELUS VR Portal
• Risk Bulletins – risk analysis and remediation instructions, based on validated research from TELUS labs
• Engineering Toolkits – detailed technical research reports and protection verification tools, based on validated research

The TELUS Vulnerability Research Team (VRTeam) maintains a continuous watch over hundreds of original information sources in order to detect emerging security vulnerabilities, worm and virus outbreaks, and spyware threats. Every new issue is evaluated using proprietary VRTeam tools and processes and TPP Alerts are sent to subscribers within minutes of issue emergence, providing an early warning of the existence of a threat.

Simultaneous to the issuance of an alert, VRTeam engineers begin analysis of the each new issue, and upgrade higher-severity threats to receive deeper in-house research that will result in the release of a TPP Risk Bulletin and an Engineering Toolkit. Severity analysis is based on proprietary ranking algorithms developed and tested within VRTeam over years of vulnerability analysis.

For the severe issues that are upgraded for deeper analysis, VRTeam’s specialized engineering personnel reproduce the vulnerability in their lab environment, enabling differential analysis across vulnerable and non-vulnerable systems. VRTeam engineers perform protocol analysis, disassembly, patch analysis, and source-code level analysis as necessary to fully understand the internal mechanism of the threat. From this understanding, hard factual conclusions are drawn regarding risk, exploitability, attack detection, and the identification of vulnerable systems.

TPP Risk Bulletins are based on this research, providing subscribers with analysis of real net risk and including remediation recommendations. TPP Engineering toolkits additionally provide protection verification tools including proof of concept exploit code, PCAP packet captures of both attack and baseline cases, and a detailed Engineering Report on the issue