Trend Micro's Zero Day Initiative Enhances Position as World's Largest Vulnerability Disclosure Player

Rhea-AI Summary

Trend Micro's Zero Day Initiative (ZDI) disclosed 60.5% of vulnerabilities in a recent Omdia study, maintaining its title as the world's largest vendor-agnostic bug bounty program for the 13th consecutive year. The ZDI reported 825 vulnerabilities in 2020, significantly outpacing its nearest competitor. 77% of ZDI's disclosures were rated critical or high severity. The program encourages researchers through its Research Rewards initiative, and Trend Micro's overall cybersecurity efforts benefit organizations globally, having paid over $25 million in bounties to more than 10,000 researchers.

Positive

• ZDI disclosed 825 vulnerabilities, three times more than the next vendor.
• ZDI accounted for 60.5% of vulnerabilities revealed in the Omdia study.
• 77% of ZDI's disclosures rated critical or high severity.
• ZDI increased its market coverage by 8.2% year-over-year.
• Trend Micro's ZDI has paid over $25 million in bounties to researchers.

Negative

• None.

DALLAS, May 19, 2021 /PRNewswire/ -- Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, today announced its Zero Day Initiative (ZDI) accounted for 60.5% of the vulnerabilities disclosed in a new Omdia study. The ZDI maintains its position as the world's largest vendor-agnostic bug bounty program for the 13^th consecutive year. The ZDI had the most disclosures across all severity levels, with 77% of their disclosures being critical or high severity rating.

The analyst firm's independent report, Quantifying the Public Vulnerability Market: 2021 Edition, offers a comprehensive comparative analysis of 11 of the world's most prolific security research and vulnerability disclosure organizations. Click here to read the full report: https://resources.trendmicro.com/rs/945-CXD-062/images/Omdia_Vulnerability-Project-Whitepaper.pdf.

"As recent events around Microsoft Exchange Server have highlighted yet again, vulnerabilities remain at the heart of the challenge for those fighting on the frontline against threat actors," said Brian Gorenc, senior director of vulnerability research for Trend Micro. "That's why we remain committed to incentivizing researchers to find and responsibly disclose bugs. This benefits users everywhere, and especially Trend Micro TippingPoint customers who were protected for 81 days on average before the release of a vendor patch in 2020."

Omdia appraised 1,365 unique, verified vulnerabilities disclosed in 2020 claimed by the 11 vendors. Of these, ZDI disclosed 825 bugs, three times more than the next vendor, which disclosed 242. The ZDI increased its market coverage by 8.2% from the previous year, strengthening its position as industry leader even further.

The report also recognized the ZDI Research Rewards program, which, similar to frequent flyer miles from an airline, enables researchers to earn increased rewards and bonuses by continuing to work with the ZDI.

"The number of vulnerabilities discovered by all independent researchers totaled less than half of those offered by Trend Micro," said Tanner Johnson, principal analyst for Omdia. "The ZDI focuses on vulnerabilities in a broad range of services, with a great deal of its effort directed toward vulnerabilities in networking and PDF software, which are critical to enterprise security."  

Founded in 2005, Trend Micro's ZDI pioneered the development of the responsible disclosure market for vulnerabilities, which leverages bug bounty rewards to incentivize researchers. The program has reported more than 7,500 flaws to affected vendors to date. Over 10,000 researchers globally have now been paid more than $25 million in bounties.

About Trend Micro 
Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, the platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response. With 7,000 employees across 65 countries, Trend Micro enables organizations to simplify and secure their connected world. TrendMicro.com.

View original content to download multimedia:http://www.prnewswire.com/news-releases/trend-micros-zero-day-initiative-enhances-position-as-worlds-largest-vulnerability-disclosure-player-301294467.html

SOURCE Trend Micro Incorporated

FAQ

What percentage of vulnerabilities did Trend Micro's ZDI disclose in the latest Omdia study?

Trend Micro's Zero Day Initiative disclosed 60.5% of vulnerabilities in the latest Omdia study.

How many vulnerabilities did ZDI report in 2020?

In 2020, Trend Micro's Zero Day Initiative reported 825 vulnerabilities.

What is the severity rating of most disclosures by ZDI?

77% of disclosures made by Trend Micro's Zero Day Initiative were rated critical or high severity.

How does ZDI's performance compare to other vendors?

ZDI disclosed three times more vulnerabilities than its closest competitor, which reported 242.

What initiative does ZDI have to incentivize researchers?

ZDI has a Research Rewards program that offers increased rewards and bonuses to researchers.