Ask HN: Is Google Project Zero for Freelance Security Researchers?

1 point

7 years ago

I see this stories like this all the time now... Someone finds a security vulnerability in a piece of software, tries to do the responsible thing by contacting the company and are ignored. They then use the vulnerability to contact the company and all hell brakes loose.

I would like to know where can a security researcher report these vulnerability so that they get fixed in a timely manner and take themselves out off the equation?

https://www-vice-com.cdn.ampproject.org/v/s/www.vice.com/amp/en_us/article/59nzjz/teen-security-researcher-bill-demirkapi-suspended-for-exposing-vulnerabilities