Bug bounty programs leaving less critical flaws undiscovered

The number of vulnerabilities reported last year fell by nearly a fifth, leaving a majority of users unaware of smaller, non-critical software faults, according to researchers.

HP DVLabs’ 2011 Top Cyber Security Risks Report last week catalogued only 6843 vulnerabilities in internet-based systems, applications and other software, compared with 8502 last year. Researchers pinned the decline on companies offering more money for information about flaws that were more difficult to find, leaving a number of less critical flaws undiscovered.

Story added 23 April 2012.