Dailydave mailing list archives
Re: Vulnerabilities Market
From: Michal Zalewski <lcamtuf () coredump cx>
Date: Wed, 19 May 2010 15:40:03 -0700
There's a good survey of the 0-day vulnerabilities market with breakdowns by vendor including pricing, trustworthiness and friendliness posted online at http://unsecurityresearch.com/index.php?option=com_content&view=article&id=52&Itemid=57 (thanks to @reversemode RT @nrathaus).
The percentages shown in the "how many times were you paid $xxx for your bugs" questions are often 0%, 3.8%, 7.7%, or 15.4% - and nothing in between. From this, looks like they have 26 bug sale data points, spread across 10 bins. If so, the percentages are largely meaningless. /mz _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Vulnerabilities Market Jason Syversen (May 19)
- Re: Vulnerabilities Market Michal Zalewski (May 21)
- Re: Vulnerabilities Market Shane (May 24)
- Re: Vulnerabilities Market Steve Shockley (May 24)
- Re: Vulnerabilities Market Shane (May 25)
- Re: Vulnerabilities Market Shane (May 24)
- Re: Vulnerabilities Market Michal Zalewski (May 21)
- Re: Vulnerabilities Market rajat swarup (May 21)
- <Possible follow-ups>
- Re: Vulnerabilities Market Michal Zalewski (May 24)