Home page logo

fulldisclosure logo Full Disclosure mailing list archives

What is the state of vulnerability research?
From: "Steven M. Christey" <coley () mitre org>
Date: Thu, 16 Feb 2006 01:57:38 -0500 (EST)

This is a series of open questions to people who consider themselves
to be vulnerability researchers.  Hopefully this will open a number of
fruitful public discussions.

1) What is the state of vulnerability research?

2) What have researchers accomplished so far?

3) What are the greatest challenges that researchers face?

4) What, if anything, could researchers accomplish collectively that
   they have not been able to accomplish as individuals?

5) Should the ultimate goal of research be to improve computer
   security overall?

6) What is an "elite" researcher?  Who are the elite researchers?

7) Who are the researchers who do not get as much recognition as they

Why am I asking?

Because I don't think this topic has been covered quite in this
fashion, and it's about time it did.

Feel free to respond to me privately.  If I receive more than a couple
responses, I will post a summary.

Thanks to James Bercegay, KF, Luigi Auriemma, Matthew Murphy, and Kurt
Seifried for beta-testing the first 5 questions by providing a variety
of responses :)

- Steve

P.S.  If you're further interested in letting your voice be heard,
check out Richard Forno's disclosure survey at
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]