The supermarket for unexploited bugs

On this week's Risky Business podcast, Patrick Gray explores the murky world of "bug shopping," a practice that is increasingly prevalent for software-as-a-service applications.

This week's Risky Business podcast is brought to you by Check Point Software and hosted, as always, by Vigabyte virtual hosting. Download it from:

http://itradio.com.au/security

In this week's show we speak to one of the pioneers of cash-for-vulnerability business practices -- David Endler. He's the director of TippingPoint's DVlabs and the founder and chairman of the VoIP Security Alliance. He popped by to talk about the latest trends in bug shopping.

Of particular interest is what Endler has to say about buying bugs in software-as-a-service applications like Salesforce.com. While TippingPoint would look at buying vulnerabilities in online applications, he doesn't want to be seen to be encouraging any law breaking. It's a bind!

Also on this week's podcast:

  • ZDNet Australia editor Munir Kotadia discusses the week's news with host Patrick Gray
  • Check Point's Steve MacDonald drops by to share his perspective on recent comments made by RSA Security's president Art Coviello in this week's sponsor interview
