Offering a bounty for security bugs
Results 1 to 2 of 2

Thread: Offering a bounty for security bugs

  1. #1
    Senior Member
    Join Date
    Feb 2003

    Offering a bounty for security bugs

    Offering a bounty for security bugs

    TippingPoint--part of 3Com--is soliciting hackers to report vulnerabilities in exchange for money. If a valid bug is found, TippingPoint will notify the maker of the flawed product and update its security products to protect users against exploitation of the flaw until an official patch is released.

    "We want to reward and encourage independent security research, promote and ensure responsible disclosure of vulnerabilities and provide 3Com customers with the world's best security protection," David Endler, director of security research at TippingPoint, said in an interview.

    Austin, Texas-based TippingPoint sells intrusion prevention systems, which are designed to protect against vulnerabilities, on servers, desktops and other computers connected to an organization's network.

    The payments are being offered under TippingPoint's new "Zero Day Initiative." The company plans to announce the program on Monday and celebrate the launch with a party in Las Vegas on Wednesday, the first day of the annual Black Hat Briefings, an event for security professionals and enthusiasts.

    Read the rest here:

  2. #2
    Senior Member
    Join Date
    May 2003
    they say they only want to deal with reputable researchers...thats stupid, they should take the news of the flaw from anyone willing to turn it in. some malicious hacker wouldnt turn in the exploit if he planned on using it often so he obviously is atleast partly trying to help (for money, but still)
    Everyone is going to die, I am just as good of a reason as any.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts