[rrdharan]

It’s really not harder for the folks with this skill set, and plenty of these vulnerabilities have been found in VMware too over the years.

https://www.blackhat.com/presentations/bh-usa-09/KORTCHINSKY...

https://www.darkreading.com/vulnerabilities-threats/vmware-z...

https://cloud.google.com/blog/topics/threat-intelligence/vmw...

[nicce]

It is always harder, because it always take more time. We don't know the ratio (how many bugs more would have been found if VMware would be open source)

[rrdharan]

We can agree to disagree. I just don’t think it’s the high order bit in determining the rate of vulnerability discovery - in my opinion the commercial utility (white / black / grey) of the exploits is a more important factor in determining how quickly they are found.