hi all,
first sorry if i m asking stupid question.
just wanted to know when some one sells the vulnerability then what
the bying comapny get?does he negotiate with vendor about money or any
other thing?
i mean what they get after purchasing that vulnerability?
------------
regards,
ting ding ting ding ting ding
ting ding ting ding ding
bam bam
i m crazy frog :)
On 10/22/05, Jeremy Richards <jrichards_at_secure-business-solutions.com> wrote:
> iDefense has become the Tippingpoint/3Com initiative
>
> I'm quite sure ImmunitySec would be interested in bidding on high profile MS
> bugs.. I even suspect eEye would be interested in purchasing a well
> documented security report on a high profile MS bug... it's just good
> marketing.
>
> The market for exploits is in writing IPS signatures and vulnerability
> detection rules (less so)... and of course you have to deal with companies
> that are open to that kind of exchange.
>
> A vendor of security reports is here:
> http://www.assurent.com/index.php/Vulnerability_Research_Portal/41/0/
>
> ...with that said -- they're basically all going to be pretty much the same
> in regards to the reports they are interested in... so a bidding war is your
> best bet ;)
>
> Jer.
>
> -----Original Message-----
> From: mpycube_at_yahoo.com [mailto:mpycube_at_yahoo.com]
> Sent: Wednesday, October 19, 2005 12:44 PM
> To: vuln-dev_at_securityfocus.com
> Subject: Vulnerability Buyer Company
>
> Hello,
>
> i already worked with iDefense but i have seen t hat also 2 other companies
> are buying 0day:
> - www.zerodayinitiative.com
> - www.digitalarmaments.com
>
> The offer of the second one look really interesting. Does anyone has worked
> with those company? which one is better? does exist others company?
>
> thanks guys...
>
> {}
>
>
--
Received on Oct 25 2005
Intro
