Computer Security Technical Vulnerability Reporting Program

Overview
The Computer Security Technical Vulnerability Reporting Program (CSTVRP) provides for the collection, consolidation, analysis, reporting, or notification of generic technical vulnerabilities and corrective measures in support of the DOD computer security requirements. The program focuses on technical vulnerabilities in commercially-available hardware, firmware, and software products acquired by the DOD and those altered commercial products supporting standard military applications. Research prototypes, preproduction commercial products, and site-specific vulnerabilities are specifically excluded from this program.