Secunia CSI7
About us
Careers
Memberships
Newsroom
Contact us
Blog
News
Articles

We are discontinuing the SVCRP

Get this blog as an RSS Feed
11:20 CET on the 16th August 2013
Entry written by Kasper Lindgaard, Head of Research.

In November 2011, Secunia launched the Secunia Vulnerability Coordination Reward Program (SVCRP).

The rationale behind the program was explained like this on the launch day, in the blog post announcing it:
"Over the past years, Secunia has steadily received more and more coordination requests from researchers asking Secunia to confirm their vulnerability discoveries and handle coordination. Initially, this was an unofficial service provided to few people in the community, but as more and more researchers contacted Secunia, it grew into a semi-official service provided by Secunia to the community.

Today, Secunia takes this community effort one step further by launching the Secunia Vulnerability Coordination Reward Program (SVCRP).

The fun part of vulnerability research is the actual process of discovering and understanding the vulnerabilities as well as creating PoCs or exploits; and not the sometimes extensive coordination and liaison process that follows with the vendor in order to fix the vulnerabilities. SVCRP offers researchers to confirm their vulnerability discoveries and handle the coordination process, allowing the researchers to focus on the more exciting aspects of vulnerability research and even reward them for it."

Since the launch, the SVCRP has become a success, when we look at activity levels.
We believe the program has played an important role in the vulnerability coordination eco-system. It has been a privilege to help many promising researchers and a pleasure to engage in exchanges with all of them.

Our decision to discontinue the program after all, is because Secunia, as a commercial organization, must assess our initiatives continuously.
The decision to end the SVCRP is based on the conclusion that the amount of time and effort we put into the program, outweighs the benefits to our own organization. This discrepancy unfortunately means that we cannot warrant the continued investment into maintaining the SVCRP.

We will from today no longer accept any new submissions to SVCRP, but will of course handle and process all submissions received prior to today.

We would to thank everyone who has contributed to the Secunia Vulnerability Coordination Reward Program these past 2 years.
If you have any questions or comments, you are very welcome to contact us

Stay Secure!
Kasper Lindgaard
Head of Research

Discuss this blog entry
A new thread in our forum is created. Activate the thread by commenting/discussing below.
Subject: We are discontinuing the SVCRP
 
No posts yet

-

You must be logged in to post a comment.



 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer