Barence writes: "Fewer than 1% of the exploits detected by Microsoft in the first half of last year were against so-called zero-day vulnerabilities – those that were previously unknown. That figure raises a question: if the vast majority of real-world exploits are “known threats”, what makes zero days so valuable that they have spawned a hidden industry of bounty-hunting researchers? The zero-day bounty hunters looks at the big money involved in finding zero-day vulnerabilities, what kind of people — with good and bad intentions — make it their business to look for them, and whether offering "bounties" is actually the wisest way for the security industry to handle the issue. It also includes an interview with a professional security researcher and ethical hacker about how and why he does what he does."
"The whole problem with the world is that fools and fanatics are always so
certain of themselves, but wiser people so full of doubts."
-- Bertrand Russell