Exploit Acquisition Program

Exploit Acquisition Program Shut Down

By |2020-03-31T10:25:36-04:00July 17th, 2015|

We've decided to terminate our Exploit Acquisition Program (again).   Our motivation for termination revolves around ethics, politics, and our primary business focus.  The HackingTeam breach proved that we could not sufficiently vet the ethics and intentions of new buyers. HackingTeam unbeknownst to us until after their [...]

Whistleblower Series – The real problem with China isn’t China, its you.

By |2020-03-31T10:27:14-04:00June 10th, 2013|

Terms like China, APT and Zero-Day are synonymous with Fear, Uncertainty and Doubt (FUD).  The trouble is that, in our opinion anyway, these terms and respective news articles detract from the actual problem.  For example, in 2011 only 0.12% of compromises were attributed to zero-day exploitation [...]

Comments Off on Whistleblower Series – The real problem with China isn’t China, its you.

Selling zero-day’s doesn’t increase your risk, here’s why.

By |2020-03-31T10:28:00-04:00August 13th, 2012|

The zero-day exploit market is secretive. People as a whole tend to fear what they don’t understand and substitute fact with speculation.  While very few facts about the zero-day exploit market are publicly available, there are many facts about zero-days that are available.  When those facts [...]

Comments Off on Selling zero-day’s doesn’t increase your risk, here’s why.

Netragard on Exploit Brokering

By |2020-03-31T10:28:08-04:00April 12th, 2012|

Historically ethical researchers would provide their findings free of charge to software vendors for little more than a mention.  In some cases vendors would react and threaten legal action citing violations of poorly written copyright laws that include but are not limited to the DMCA.  To [...]

Comments Off on Netragard on Exploit Brokering

Exploit Acquisition Program – More Details

By |2020-03-31T10:37:47-04:00March 28th, 2010|

The recent news on Forbes about our Exploit Acquisition Program has generated a lot of interesting speculative controversy and curiosity. As a result, I've decided to take the time to follow up with this blog entry. Here I'll make a best effort to explain what the [...]

Comments Off on Exploit Acquisition Program – More Details