TippingPoint, a unit of 3Com
, launched what it called Zero Day Initiative, which rewards security researchers for informing the company of any security bugs.
Announced at the Black Hat Security conference taking place in Las Vegas this week, the program is designed to extend its research organization and tap into the best security minds in the business.
The company did not say how much it will pay for flaws.
“This program will extend our research organization even further, and
enable us to tap some of the brilliant minds in the global security research
community,” David Endler, director of security research at TippingPoint,
said in statement.
Not to be outdone, security intelligence company iDefense increased its
offer to hackers who want to sell details of software vulnerabilities.
Both security groups are hoping the initiatives lead to prompt
information about vulnerabilities in their software, and just as importantly
expect the move will prevent the exploits from going public before they can
BindView, a provider of IT security compliance solutions and a lead
sponsor of the event, showcased its spectrum of IT security compliance solutions.
“Security breaches are on the rise, threatening corporate reputations and
shaking customer and shareholder confidence,” Chris Smith, BindView vice president of field marketing, said.
Mark Loveless, a senior security analyst on the RAZOR Research team at
BindView, said: “Security and compliance are top-of-mind concerns,
particularly as organizations strive to balance protection and management of
regulatory requirements under a single umbrella.”
Black Hat is a technical event for IT security
specialists that profiles next-generation
theories and threat analysis and delivering techniques and an understanding
of legal and policy frameworks.
“The research presented at the Black Hat Briefings USA 2005 will provide
visionary insight into technologies and methodologies affecting IT security
for years to come,” Black Hat CEO Jeff Moss said in a statement.
The Black Hat briefings, of which there are 60 scheduled, are designed to
foster peer-to-peer communications and networking opportunities for IT
security professionals, with presentations by security experts and
underground IT security specialists, according to Moss.
The event will run through Thursday.