lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <FB24803D1DF2A34FA59FC157B77C9705047627AA@IDSERV04.idef.com> Date: Tue Jul 26 23:07:01 2005 From: labs-no-reply at idefense.com (iDEFENSE Labs) Subject: iDEFENSE/VeriSign - VCP Program Changes Last week, iDEFENSE was acquired by VeriSign and at that time, I was able to inform existing VCP contributors that VeriSign fully intended to expand the Vulnerability Contributor Program (VCP). Today, I'm pleased to be able to pass along more details about how VeriSign and iDEFENSE will be substantively increasing pricing for submissions as well as our reward programs. First off, effective immediately, we will be doubling our standard pricing structure for vulnerability submissions. As always, in order to obtain a price quote, we require that a contributor first submit a discovery to contributor@...fense.com. Once accepted, we will gladly provide a price quote and forward the appropriate contract. As well, we are increasing the value of the Incentive and Retention reward programs and launching a new Growth reward program. Details on the new pricing structure for each program are below. More in depth descriptions of the programs can be found on our website at http://www.idefense.com/poi/teams/vcp_reward_programs.jsp. Retention program: The retention program is designed to reward the top five contributors each year. The old and new pricing structures are as follows: Old New 1 $5,000 $10,000 2 $4,000 $8,000 3 $3,000 $6,000 4 $2,000 $4,000 5 $1,000 $2,000 Incentive program: The purpose of the incentive program is to reward the top three contributors for each quarter. The old and new pricing structures are as follows: Old New 1 $3,000 $5,000 2 $2,000 $3,000 3 $1,000 $1,000 Growth program: The purpose of the new Growth program is to reward those contributors that continue to increase their level of participation in the VCP. Details of the program are as follows: - Any contributor with at least 5 submissions in the current year is eligible to participate. - The Growth program will compare a contributor's submissions over the past 12 months (current year) to submissions over the previous 12 months (past year). - Growth program payments will be done annually. - An individual must have been a VCP contributor for at least two years prior to the reward date in order to participate. - The Growth program will cover a July 1 - June 30 period, with the first payment covering July 1, 2005 - June 30, 2006 - Contributors that have submissions in the current year that equal or exceed submissions from the past year will receive a lump sum payment equal to 50% of all current year submissions. - Contributors that have submissions in the current year that equal or exceed 2X the submissions from the past year will receive a lump sum payment equal to 100% of all current year submissions. - Contributors with current year submissions that are between 1X and 2X past year submissions will receive a lump sum payment appropriately pro-rated between 50-100% of all current year submissions As iDEFENSE, we have enjoyed working with the VCP participants over the past three years and appreciate their vulnerability research contributions. As part of VeriSign, we look forward to expanding this program and the corresponding rewards to the VCP community. Please feel free to email any questions and submissions that you may have to contributor@...fense.com. Also, for anyone that will be attending Blackhat/Defcon this week, the full iDEFENSE Labs team will be in attendance. We'll be arriving on Tuesday and departing on Sunday. I look forward to seeing you there. Michael Sutton Director, iDEFENSE Labs VeriSign, Inc.
Powered by blists - more mailing lists