Litchfield's NGSSoftware cuts ties with CERT
A prominent U.K.-based security vendor well-known for finding dangerous vulnerabilities in a variety of software said on Monday that it would no longer work with the CERT Coordination Center after CERT personnel gave advance notice of several new vulnerabilities to a software vendor and some government officials.
Researchers at Next Generation Security Software Ltd. were angered when a representative from a software vendor told them that CERT had a policy of providing advance information on vulnerabilities to some organizations and government agencies, which pay for this privilege. Mark Litchfield, co-founder of NGS Software, said he was unaware of the policy and was unhappy that CERT was collecting money for research that his company had done. While he acknowledged that CERT is a non-profit organization, Litchfield disputes its right to charge for others' work.
[ Read more ]