Should software vendors reward independent researchers for finding vulnerabilities in their software?
Software vendors all around the world receive information about discovered vulnerabilities in their software from independent researchers from time to time. There are various opinions on whether or not information of this kind should be revealed publicly, whether or not should the vendors pay for such information. What is your opinion on this topic? Should the researchers be rewarded for their work or should the vendors receive the information free of charge? If you think they should be rewarded, then how? Should vendors pay money for this kind of work or just give researchers the credit for finding the vulnerabilities?
→ Yes, by money and credit. (78.65%)
→ Yes, by credit only. (10.66%)
→ No. (7.15%)
→ Yes, by money only. (2.17%)
→ Other answer. (2.13%)
Number of voters: 8140