SoylentNews is people

Title    RAND Study Suggests 0-Day Exploits Should be Stockpiled
Date    Tuesday March 21 2017, @05:53AM
Author    Fnord666
from the keep-it-to-yourself dept.

"Albert" writes:

RAND corporation recently received rare access to study a couple hundred 0-day vulnerabilities and their exploits.

It turns out that 0-day vulnerability discoveries live for about 6.9 years, and that the ones found by a pair of serious opponents (typically nation-state governments) have only a few percent overlap. This means that releasing discoveries to the public provides very little defensive value while obviously destroying offensive ability.

The report (summary and full text[PDF]) includes quite a bit more about the industry, including some estimates of pricing and headcount.

Original Submission


  1. "summary" -
  2. "full text" -
  3. "Original Submission" -

© Copyright 2022 - SoylentNews, All Rights Reserved

printed from SoylentNews, RAND Study Suggests 0-Day Exploits Should be Stockpiled on 2022-08-09 20:03:30