Digital Armament temporarily upped the ante for paid exploits. In the past, the company offered a bounty for unpublished vulnerability reports as long as a working exploit was provided. However, through the end of February, the company will pay an extra $20,000 for each report and exploit.
Digital Armaments takes submissions and evaluates them and then makes a payment offer to the researcher based on the significance of the vulnerability. The payment could be in cash or in Digital Armament stock. Researchers who accept the offer must give the company exclusive rights to the vulnerability information. The company states that it will "eventually notify the product vendor of the vulnerability," and possibly release an advisory when a patch becomes available.
