The Zero Day Initiative (ZDI) began publicly disclosing information about vulnerabilities that vendors failed to patch within a six-month time frame.ZDI is a program ran by TippingPoint, Hewlett-Packard's intrusion prevention solutions division, through which security researchers are paid for zero-day vulnerabil... |
8 February 2011
04:36 GMT |
 |
|
TippingPoint announced changes to the vulnerability disclosure practices employed by its successful Zero Day Initiative (ZDI) program. The new guidelines involve a six-month deadline for patch availability, but the company is willing to make exceptions in special cases.Through the ZDI program, TippingPoint, Hewlett-P... |
4 August 2010
06:35 GMT |
|
|
In a post on the official Google Online Security Blog, members of the the company's security team, express concern about vendors who abuse the concept of responsible disclosure. As a result, a reasonable disclosure deadline of maximum 60 days since notifying the affected party is proposed for adoption by securit... |
21 July 2010
05:42 GMT |
|
|
Mozilla announces that it has brought its security bounty program in line with the new economic times and has increased the reward paid to researchers for eligible security bugs from $500 to $3,000. It has also officially added Firefox Mobile and other Mozilla services to the list of products covered by the program.M... |
16 July 2010
04:16 GMT |
|
|
In a move aimed at getting more security researchers to focus their attention on the Chromium project, Google plans to reward reported bugs. The base bounty is $500 and a special panel of security experts involved in the project will decide which bugs deserve it."We will be rewarding select interesting and original v... |
29 January 2010
10:49 GMT |
|
|
A Web security researcher going by the only handle "theharmonyguy" continued to probe popular Facebook applications for vulnerabilities as part of an initiative called "Month of Facebook Bugs." LiveSocial, Movies, Farm Town and RockYou Live were all found to suffer from cross-site scripting weaknesses. As we previou... |
7 September 2009
08:02 GMT |
|
|
Update: The message announcing Milw0rm's shutdown has been removed from the website. Submissions seem to have also been reopened. It is not yet clear if str0ke decided to continue alone, if he got assistance with reviewing exploits or if someone else took over the maintenance tasks entirely.One of the major sour... |
8 July 2009
04:28 GMT |
|
|
Find us on Google+
