The world vulnerability research market disclosed 147 total vulnerabilities in the third quarter of 2007, according to analysis from research firm Frost & Sullivan.
Although a few companies have practices that border on criminal intent, the work done by the security research community is critical for system and data protection, according to company research analyst Chris Rodriguez.
He also states that the necessity of this work has translated into strong and steady growth, continuing into the third quarter of 2007.
"While still divided on a few topics, the market as a whole recognises the value of responsible disclosure and is working to improve the quality of the tested software," he says.
"Although this number [of total vulnerabilities] is less than the total disclosed in the second quarter of 2007, the total number of vulnerabilities has traditionally increased each quarter and is expected to climb steadily in the future," says Rodriquez.
The vulnerability research market should grow with the release of each new application, he adds. "Automated testing tools such as fuzzers now help researchers to find bugs faster. Additionally, researchers may also be drawn to the financial rewards offered by organisations with 'bug bounty' programmes.
"The vulnerability research market is still relatively new territory," says Rodriguez. "This market faces several polarised points of debate and has much more potential for growth than it has shown so far."
Share