Zimperium To Buy ‘N-Day’ Vulnerabilities To Improve Security Faster

[Lucian Armasu]

Zimperium launched an "N-day" software vulnerabilities acquisition program funded with $1.5 million. The company wants to shorten the lifespan of zero-day vulnerabilities by getting security researchers to sell their zero-days again to them.

Zimperium To Buy ‘N-Day’ Vulnerabilities To Improve Security Faster : Read more

 

[bit_user]

The down side of exploits being monetized is that it actually creates an incentive for software developers (both commercial and open source) to hide security bugs in their code.

However, once the cyber criminals & governments started paying for exploits, the cat was already out of the bag. At least having vendors and security companies being willing to pay can take some of the sting out of being a virtuous security researcher.