August 1st, 2021 – Alisa Esage
Missed information means missed opportunities. Less optimistically, missed information also means inefficiency, mistakes and a degradation of value, eventually. As a professional security researcher or research director, it's part of your essential workflow to follow all new publications on relevant technical topics, such as blogs from other researchers and updates from software development companies, and incorporate it in your work projects in a timely manner. Providing a one-stop feed for all the relevant public releases is the core idea behind our new Professional Vulnerability Research Intelligence feed.
Counter-intuitively, information is not quite contained in the content. Rather, it represents a product of interaction of the content with the mindset of the observer. For instance, the same article read by a first year intern and a specialist with 10 years of practical experience would yield very different insights, that would cause a hugely differentiated impact on both the workflow and the end product. As an extreme example, an article written in unfamiliar language (supposing you cannot translate it) would only yield a few bits of information (encoding that the article exists, which language it's written in, etc.) regardless of how much secret classified knowledge it technically contains. This is the reason why we augment the raw content feed with commentary and insights of a specialist with many years of practical experience in the subject areas.
Lastly, information is useless unless it's applied to practical tasks. We include in the feed a dedicated monthly webinar, which is similar to Nightly mini-classes in the spirit and format (meaning that, expect 4 hours at least), to deep-dive into selected releases and explore it with hands on.
Originally introduced as @zerodaylinks Twitter project that jumped to its first thousand followers in under 50 hours, after which it was promptly blocked by Twitter (specifically blocked and not "temporarily restricted" as it reads on the profile, as it won't allow us to tweet or retweet anything, not even to change the bio) as soon as I posted an innocuous review of an old Xen hypervisor whitepaper, this project is now available as a monthly or yearly subscription feed.
What is included: • Curated daily feed of new releases on relevant topics. • A weekly textual digest of the above, briefly commented. • A monthly interactive webinar with practical aspects of important releases. • Commentary with personal insights by Alisa Esage, Zero Day Engineering Head of Research. • One arbitrary mini-class per month from our live schedule and on-demand collection.
Topics: • New security research publications. Blog articles, conference slides and code on vulnerability research, reverse engineering and system internals, exploit development, other relevant offensive security topics, software hardening and exploit mitigations. • Notification of security patches released by major software and hardware companies. • New tools released which are relevant to vulnerability research. • Proof-of-concepts and exploits released publicly. • Important updates of popular tools. • Impactful historical publications. • Important security advisories. • Security conferences updates. • Relevant technology updates. • Selected academic works. • (Over)hyped bug alerts. • Other topics.
Audience: • Professionally employed security researchers. • Research Directors, Team Leads, and CTO. • Security-minded software developers. • Independent bug hunters. • Curious individuals.
We focus on mature, high quality and impactful publications and releases that won't ruin your brain with a horrible language or deliberately overcomplicated details over a copy-pasted public technical specification, and that are immediately actionable for real life projects, regardless of your specialization.
The Professional Zero Day Engineering Intelligence feed is set be commercially available at €1000 per month, or €10000 per annum. A free trial period of one month starts on the 1st each month.
I announced the Vulnerability Research Intelligence feeds earlier this year. The presently launched Professional feed is one of multiple subscription options that would be available, with a price range from €100/mo for hobbyist individuals to €1M+/year for customized offensive security research projects for governments.
It's in beta testing now. Contact us to subscribe.