Security Flaws Cheap to Purchase

The vast majority of flaws are sold for $5,000 or less, according to a recent survey  posted by Unsecurity Research. The survey examined the trustworthiness and responsiveness for organizations that buy vulnerabilities. TippingPoint’s Zero Day Initiative is the highest rated by researchers as the most trustworthy, making the buyer of choice.

The survey asked researchers that have sold vulnerabilities to private and public buyers to rate the buyers on their trustworthiness, promptness of payment, amount paid, along with several other criteria. ZDI was the group with the highest trustworthiness rating but was among the slowest to close a deal and actually pay.

Most vulnerabilities, across organizations, are sold for $5,000 or less, which only a handful going for over $10,000, most of which were bought by SecuriTeam.

Related posts:

1. Study Shows Little Security Difference in Coding
2. My Computer is More Secure than Yours, or Not- the PC vs. Mac Security Debate
3. Symantec Survey Reveals Poor Password Security
4. iPad Users Hit by Scammers
5. Ants Serve as Model for Security System