A “market”-based approach to getting companies to fix vulnerabilities.
Vulnarb.com is an idea I’ve had for a while but only recently figured out how I might do it. The problem it solves is allowing security researchers to responsibly release vulnerabilities they find, but still publicly report that a company has a vulnerable product.
It’s worth noting that Zed Shaw, the guy who is starting this, is a legendary programmer in the world of open source web frameworks.
Link here.
Alex Eckelberry
(Thanks Matthew)