Vulnwatch assists
researchers in their vulnerability disclosure goals by
coordinating on behalf of the researcher with vendors, bug
bounty programs, and others.
September 23, 2011
Formerly known as a moderated full disclosure vulnerability
mailing list Vulnwatch has been reborn as a resource for
security researchers who want to focus on their research and not
spend their time handling the disclosure process.
Vulnwatch is a not for profit, trusted service for
vulnerability researchers with a focus on the researcher and his
or her needs vs. those of the affected parties. Handling a
vulnerability is not a simple and straightforward task, wether
your goal is to sell your work for profit, gain the fame
associated with a cool bug, or simply get the necessary details
to those affected.
While everyone has their own opinion on how vulnerability
disclosure should happen, Vulnwatch purposely does not have a
disclosure policy. Our goal is to educate researchers on
all potential scenarios and options and help the specific
researcher determine their own disclosure goals. Once
those goals are clear, Vulnwatch will then help the researcher
achieve them by handling the disclosure process on their behalf
leaving them free to concentrate on their passion -- the
research itself.
September 20, 2011
Coming soon. Some very exciting developments for the
research community via Vulnwatch. Check back soon for more
content as this site will evolve over the coming days.
Please contact - contact@vulnwatch.org for more information.