Trend Micro's Zero Day Initiative Celebrates 15 Years of Coordinated Vulnerability Disclosure

ZDI remains the world's largest vendor-agnostic bug bounty program

DALLAS, Aug. 20, 2020 /PRNewswire/ -- Trend Micro Incorporated (TYO: 4704; TSE: 4704), the leader in cloud security, today celebrates the 15 years of its Zero Day Initiative (ZDI) — a pioneering program that has helped to make the connected world a safer and more secure place through the responsible disclosure of vulnerabilities.

Since its inception in 2005, the ZDI has reported more than 7,500 flaws to affected vendors by financially incentivizing the security research community to find bugs before malicious third parties potentially discover them.

Having paid more than $25 million to over 10,000 researchers globally during that time, ZDI now operates the world's largest vendor-agnostic bug bounty program.

It has been recognized as the world's leading vulnerability research organization for the past 13 years. According to Omdia1, the ZDI was responsible for over half of all vulnerability disclosures in 2019, more than any other vendor.

"Over the past 15 years we've seen trends in the exploit economy and vulnerability marketplace come and go, but through it all we've been laser-focused on one thing: making the digital world more secure, one CVE at a time," said Brian Gorenc, senior director of vulnerability research for Trend Micro. "Through the tireless work of ZDI researchers and the wider community, we're determined to continue disrupting the vast cybercrime economy and raising the bar for enterprise software security for the next 15 years and beyond."

One of the ZDI's biggest successes over the past decade-and-a-half has been the iconic Pwn2Own contests, which challenge competitors to exploit widely used software and systems with previously unknown vulnerabilities. The event's success has expanded into three annual contests, including one focused on business software and operating systems, a second on mobile devices and IoT, and now a third dedicated to ICS/SCADA products.

Trend Micro TippingPoint customers benefit from exclusive access to vulnerability information, which provided protection for an average of 81 days before a vendor issued a patch in 2019.

To find out more about the Zero Day Initiative's 15 years of success, please visit: https://www.zerodayinitiative.com/blog/2020/8/19/15-years-of-the-zero-day-initiative.

1 https://resources.trendmicro.com/rs/945-CXD-062/images/OMDIA_Public_Vulnerability_Report_July_2020.pdf