Every week, a sum must be paid to the researcher that found the exploit or else the vulnerability is leaked. The cost of this sum increases exponentially, so the company can decide how fast they want to patch. Is this already being done?
This just motivates companies to never pay.
>>62352074
Because the companies would actually get around to fixing the vulnerabilities or because they're just that short-sighted?