SoylentNews is people

posted by Fnord666 on Tuesday March 21 2017, @05:53AM
from the keep-it-to-yourself dept.

RAND Corporation recently received rare access to study a couple hundred 0-day vulnerabilities and their exploits.

It turns out that 0-day vulnerability discoveries live for about 6.9 years, and that the ones found by a pair of serious opponents (typically nation-state governments) have only a few percent overlap. This means that releasing discoveries to the public provides very little defensive value while obviously destroying offensive ability.

The report (summary and full text [PDF]) includes quite a bit more about the industry, including some estimates of pricing and headcount.


  • (Score: 1) by khallow (3766) on Tuesday March 21 2017, @02:20PM (#482142)

    HELLO CITIZEN. VIEWING FRIEND COMPUTER ANNOUNCEMENTS THAT ERRONEOUSLY SUGGEST FRIEND COMPUTER IS EVER IN ERROR IS TREASON. HAVE A NICE DAY.

    *zappity zap zap zap zap*