Sunil James manages iDEFENSE's Vulnerability Contributor Program (VCP). He is a member of the company's Technical Intelligence team. Sunil joined iDEFENSE in July 2000, and has worked in various capacities - both technical and non-technical - throughout the company. Previous to iDEFENSE, he has worked at the US State Department, the Council on Foreign Relations, Johns Hopkins University, and Pinkerton Global Intelligence Services. He is currently pursuing his CISSP certification.

Introduce iDEFENSE. When was the company started? How did it evolve?

iDEFENSE is the only remaining independent security intelligence provider in the market today. The company was founded in 1998, committed to applying traditional intelligence-gathering techniques to provide clients with comprehensive and actionable security intelligence. Based on that vision, a team of former military intelligence personnel and computer security experts was built to address the emerging challenges of the cyber landscape.

What security services do you offer?


iDEFENSE's family of security intelligence products provides advanced warning and analysis of threats to our clients' critical information infrastructure. However, our analysts go well beyond technical vulnerabilities and virus attacks to evaluate the impact of hackers, incidents, geopolitical aspects, legal implications and policy decisions on information networks, applications and systems. Our product suite provides decision-makers and frontline security professionals with near real-time access to 15,000 actionable intelligence reports on cyber threats in an easy-to-read, organized format. The products are broken up into the following:

iMONITOR: Uses analysts to develop a custom intelligence collection plan that can include such topics as the misuse of company trademarks, negative press, cyber squatters, protest or conspiracy websites and publicly/privately available details of your network infrastructure. Reporting is immediate (as required), weekly and/or quarterly.

iPOWER: Provides a robust and extremely granular view of vulnerabilities and exploit code that can be easily added to databases, products or services. Data is often fully tested and verified by iDEFENSE Labs and in consultations with affected vendors. Discovered underground exploit code and IDS signatures are also available. iPOWER also covers proactive monitoring and "infiltration" of hacker and virus authoring groups in an effort to glean information well ahead of an active threat.