3Com this week is expected to launch a program that offers cash to members of the security community in return for information on potentially damaging Internet-based security threats.
Its Zero Day Initiative is an attempt to prompt the disclosure of security vulnerabilities quicker by giving independent security researchers incentive for pointing out holes in software and hardware products that could lead to network attacks.
Some observers call the program a positive step toward making networks safer, while others question how such a payoff system would work, or whether third-party vendors -- including 3Com competitors -- would react negatively to a system under which 3Com gives money to individuals for information about product vulnerability before the affected vendors know about them.
"We're going to be able to address a large amount of researchers who may not necessarily be contacting vendors on their findings regarding security vulnerabilities," said David Endler, director of security research at 3Com's TippingPoint division. 3Com acquired intrusion-detection system and security vendor TippingPoint in 2004 for $451 million.
The link for this article located at ComputerWorld is no longer available.
