Flexera Software - The leading provider of software licensing, entitlement management, installation, and application readiness

On November 2, 2015, the Secunia blog will be moving

In September 2015, Secunia was acquired by Flexera Software.

The blog posts and news on secunia.com will therefore be moved to a brand new Software Vulnerability Management section on FlexeraSoftware.com

From November 2 you can visit us there, for an uninterrupted stream of news about the Software Sulnerability Management solutions and Secunia Research.

Get this blog as an RSS Feed

InformationWeek: Zero Day Exploit Millionaires

15:13 CET, 14th November 2011 By Secunia.

The article ‘So You Want To Be A Zero Day Exploit Millionaire?’ by Mathew J. Schwartz asks the question: “Have you discovered a killer zero-day vulnerability in a widely used product? Can the bug be ‘weaponized,’ or actively exploited?”

Schwartz then discusses the various programs on the market that reward “bug hunters” and debates other ‘options’ such as defence contractors and the black market.

Secunia's independent vulnerability reward program SVCRP is presented as a new alternative for researchers.

“For security researchers with knowledge of a bug that's not worth much, or for researchers who question the ethics of selling any bug information, there are alternatives. Last week, for example, vulnerability information service Secunia launched its Secunia Vulnerability Coordination Reward Program, which formalizes what Secunia says it's been doing informally for some time: It acts as a go-between for security researchers that have discovered a vulnerability in a product, and the vendor of that product.”

Thomas Kristensen, Secunia CSO also provides commentary about the SVCRP and its policy to Schwartz.

To read the article in full, visit InformationWeek here.

Stay Secure,



Discuss this press release
A new thread in our forum is created. Activate the thread by commenting/discussing below.

Subject: InformationWeek: Zero Day Exploit Millionaires

No posts yet
You must be logged in to post a comment.