has @XI_Research EIP/RSP program ever responded? It seems like iDefense and ZDI are the go-to guys
-
-
-
Yes, I have a good relation with
@XI_Research. Unfortunately, they want bugs where exploitation is proven e.g. you have PoC code -
-
AFAICT yes. I'm guessing their customers are also in between, which is a bit of a problem for me
-
...as I want to be sure I don't provide anyone with 0-day for active use against third parties.
-
...which is hard to (if not impossible) to guarantee in many cases.
-
e.g.
@SecuriTeam_SSD is interesting, but hard to prove who gets the information and how it's used -
VCPs should be clear on: -How THEY use info -What they give to clients -What sort of clients*
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.