Does the US Government pay for zero-day exploits? #BlackHat | Internet News
Blog
SHARE
Facebook X Pinterest WhatsApp

Does the US Government pay for zero-day exploits? #BlackHat

Written By
Sean Michael Kerner
Sean Michael Kerner
Jul 31, 2009
1 minute read
NSA_SMALL_less_yellow1.jpg

From the ‘I‘ve always wondered‘ files:

LAS VEGAS. I’m in the super mega Feds vs Ex-Feds panel now at Black Hat and already I’ve learned something I didn’t know.

There is a divergence of opinion in the security industry about whether or not people should buy zero-day exploits. Tipping Points has a whole business model built around it and it seems to work for them – but what about the government?

Does the US Government buy zero-day exploits?

“I don’t buy zero days,” US-CERT director Mischel Kwon said.

Kwon is just one branch of the government.

The NSA had a less specific answer.

 “I can tell you we have a policy but I’m not going to tell you what it is,” NSA agent Richard Marshall said.


PIC: Richard Marshall Credit: Sean M. Kerner
Sean Michael Kerner
Internet News Logo

InternetNews is a source of industry news and intelligence for IT professionals from all branches of the technology world. InternetNews focuses on helping professionals grow their knowledge base and authority in their field with the top news and trends in Software, IT Management, Networking & Communications, and Small Business.

facebook
x

Company

Contact us Advertise with us

Categories

News Enterprise Small Business Reviews Podcasts Blog Research

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information