|
|
|
|
|
|
by kevingadd
2118 days ago
|
|
|
There are western vulnerability brokers that sell advance warning of exploits to clients like large corporations and governments so they can protect themselves, then presumably handle notifying the company in question so the bug can get fixed. Of course, one problem is that their clients are free to abuse the exploits, and another problem is there's no guarantee they'll make sure the exploits get fixed... but that's certainly an option for you if you aren't comfortable using HackerOne. Another option is to just disclose it to the public a set number of days after notifying them, like Project Zero. |
|
|