
ZDI@10: A wrap on Black Hat and a look ahead

2015-08-13 11:20



It’s always interesting to attend great security conferences like Black Hat and DEF CON, but it’s even more interesting when you’re celebrating 10 years of the ZDI at the same time. We’ve already discussed the history of the ZDI and a few facts we’ve learned over the years. Over those years, we’ve had the opportunity to work with over 3,000 researchers from around the globe, and it was great to catch up with those attending this year’s conference. As we wrap up the conference week and return to our regularly scheduled lives, it seems appropriate to turn our heads forward and look at what the future holds for the ZDI over the next 10 years (and beyond).


One change over the last few years is an increase in the amount of original research we are doing, some of which was put on display this past week. This research serves several purposes for us. Not only does it keep our research skills sharp, but it also helps us triage the incoming reports we receive. Those reports often let us know which areas should be pushed further and which ones haven’t been looked at enough. For instance, when we saw a lack of Adobe Reader bugs being submitted, we decided to look for ourselves to see what was what. When we did look, we found many issues – some of which we discussed at DEF CON 23 – and some of which we’ll be talking about in the coming months. This research doesn’t just satisfy our own curiosity; it provides a method for cleaning up software used by many – making the internet a safer place for all. We are committed to continuing our research as well. Look for announcements regarding our upcoming research and conference presentations by subscribing to our blog or following us on Twitter.


As we move into the next decade, we are certain we will receive bugs in new types of devices and software. Computers are ever-evolving, and our use of computing devices in our daily lives continues to grow. Much was made of car hacking at the conference, and if nothing else, this shows how the industry can diverge into new areas. We’re constantly reviewing our program to ensure we’re getting the best bugs available, and we anticipate new areas of research as new forms of computing are introduced. In other words, we know research will evolve as computing evolves, and we stand ready to evolve with it – either through contests like Pwn2Own, our regular bounty program, or other special programs we could run in the future.


Of course, our programs serve the community better as more people become aware of them. We continue to increase the amount and types of communication we produce. We want people to understand what it is that we do and why it matters to them – even if they don’t participate in ZDI programs. Our goal is to create communications that allow network defenders to better understand the threats to their systems and provide them guidance on how best to defend those systems. This can be difficult at times. We always run the risk of providing too much information, which would benefit the bad guys more than help the good guys. It’s a fine line, but we feel it is important to have an informed and involved community.


Still, it is difficult to predict what the ZDI will look like 10 years from now. As Winston Churchill said, “It is always wise to look ahead, but difficult to look further than you can see.” One thing is certain: our commitment to reporting zero-day vulnerabilities to the affected vendors while financially rewarding researchers. We at the ZDI look forward to whatever the future may hold, and we hope you join us as our journey continues.


Follow us: @theZDI
