Adventures in Disclosure: When Reporting Bugs Goes Wrong

The Zero Day Initiative (ZDI) is the world’s largest vendor-agnostic bug bounty program. That means we purchase bug reports from independent security researchers around the world in Microsoft applications, Adobe, Cisco, Apple, IBM, Dell, Trend Micro, SCADA systems, etc. We don’t buy every bug report submitted, but we buy a lot of bugs. Of course, this means we disclose a lot of bugs. And not every disclosure goes according to plan.

Why Disclose at All?

This is a fine place …

adobe adventures apple applications blog post bounty bug bug bounty bug bounty program bugs cisco dell disclosure don etc ibm initiative micro microsoft program report reporting reports researchers scada scada systems security security researchers systems trend trend micro vendor world zdi zero day initiative