The value of vulnerabilities
Jason Miller, 2006-03-07

There is value in finding vulnerabilities. Yet many people believe that a vulnerability doesn't exist until it is disclosed to the public. We know that vulnerabilities need to be disclosed, but what role do vendors have to make these issues public?

Submit Comment Mode:
Name:
Subject:
Message:
 
  Enter the characters that appear above
 
What Value? 2006-03-17
Anonymous
The question that no one is really asking is: What value do companies get from buying vulns? Why does iDefense or 3Com or Immunitysec pay for 0day vulns? And why now?

With remote vulns that are truely exploitable becoming fewer, these companies that relied on vulns to fuel their businuess model ...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus