SoylentNews
SoylentNews is people
https://soylentnews.org/

Title    RAND Study Suggests 0-Day Exploits Should be Stockpiled
Date    Tuesday March 21 2017, @05:53AM
Author    Fnord666
Topic   
from the keep-it-to-yourself dept.
https://soylentnews.org/article.pl?sid=17/03/20/2338238

"Albert" writes:

RAND corporation recently received rare access to study a couple hundred 0-day vulnerabilities and their exploits.

It turns out that 0-day vulnerability discoveries live for about 6.9 years, and that the ones found by a pair of serious opponents (typically nation-state governments) have only a few percent overlap. This means that releasing discoveries to the public provides very little defensive value while obviously destroying offensive ability.

The report (summary and full text[PDF]) includes quite a bit more about the industry, including some estimates of pricing and headcount.


Original Submission

Links

  1. "summary" - http://www.rand.org/pubs/research_reports/RR1751.html
  2. "full text" - http://www.rand.org/content/dam/rand/pubs/research_reports/RR1700/RR1751/RAND_RR1751.pdf
  3. "Original Submission" - https://soylentnews.org/submit.pl?op=viewsub&subid=19195

© Copyright 2022 - SoylentNews, All Rights Reserved

printed from SoylentNews, RAND Study Suggests 0-Day Exploits Should be Stockpiled on 2022-08-09 20:03:30