NSA’s contract with VUPEN, ‘Darth Vader of Cybersecurity’

As French cyber security firm expands to U.S., it had already nabbed at least one major customer

Written by Michael Morisy
Edited by Shawn Musgrave

Documents requested by MuckRock user Heather Akers-Healy (@abbynormative) from the National Security Agency show it had a contract with the French security researcher VUPEN, whose founder and CEO Chaouki Bekrar puckishly touts himself as the “Darth Vader of Cybersecurity.”

The contract is sparse on details: Even the unit price and total value of the contract are redacted in full. But the contract does detail that VUPEN sold the NSA, in a no-bid contract, “Binary Analysis and Exploits Service 12 months subscription.”

The founder of the security firm, which recently tweeted that it was looking to open offices in Maryland, was nonchalant about the document release, going so far as to suggest other FOIA requests:

The company might need the local bodies to drum up more work: The contract sent over was signed Sept. 14, 2012 and only ran for a year. The contract did not include any indication that it was being renewed. There is a bright spot, however, in that the market for services offered by VUPEN and others is rapidly expanding, as Bekrar himself noted:

Read the full contract embedded below, or on the request page.


Image via Flickr