Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Michal Zalewski (lcamtufcoredump.cx)
Date: Wed May 19 2010 - 17:40:03 CDT
> There's a good survey of the 0-day vulnerabilities market with breakdowns by
> vendor including pricing, trustworthiness and friendliness posted online at
> (thanks to reversemode RT nrathaus).
The percentages shown in the "how many times were you paid $xxx for
your bugs" questions are often 0%, 3.8%, 7.7%, or 15.4% - and nothing
in between. From this, looks like they have 26 bug sale data points,
spread across 10 bins. If so, the percentages are largely meaningless.
Dailydave mailing list