• United States



by Paul Kerstein

Find Vulnerabilities and Make Money

Jul 29, 20051 min
CSO and CISOData and Information Security

3Com and VeriSign will be giving out substantial monetaryrewards for verified vulnerabilities that affect developers and softwarecompanies. Infoworld reports that the initiative, dubbed “Zero Day”by TippingPoint, 3Com’s security division, is an attempt to ensure responsibledisclosure of security flaws to make technology more secure for all users. Bygetting security researchers to identify flaws to companies rather than thepublic, patches can be fixed without alerting hackers to potential exploitable weaknesses.VeriSign’s recently bought security intelligence firm iDefense has also beenrewarding researchers for some time, but has recently raised its reward amount.Read more.