WabiSabiLabi總裁將出席HITBSecConf2007

WabiSabiLabi Exclusive at HITBSecConf2007

KUALA LUMPUR, Malaysia, (14 August 2007) – The organisers of HITBSecConf, Asia’s largest network security conference, has confirmed that this year’s conference will feature an exclusive talk on the new project, WabiSabiLabi – an idea which has received much attention recently in the world of network security. For the first time in Asia, Mr Roberto Preatoni, Strategic Director for WabiSabiLabi will be down in Kuala Lumpur next month to explain the purpose of its set up, and to address the controversies surrounding it.

Founded by a group of security professionals, WabiSabiLabi or WSLabi (http://wslabi.com/) facilitates the sale and purchase of security research and vulnerabilities by providing a secure market environment to maximise the security researcher's reward. This online auction-based marketplace by Swiss-based WSLabi has been likened to the ‘eBay’ for security research and findings.

Others however have described it as a marketplace for bugs, or an 0-Day eBay. Much controversy and criticisms have surrounded the setting up of WSLabi, especially from security professionals and vendors who feel that WSLabi is legitimising the work of hackers by helping the latter sell their security exploits to the highest bidder.

Roberto Preatoni, Strategic Director for WSLabi, will be in Kuala Lumpur from 3-6 September for the HITBSecConf2007 event where he will present an hour-long talk to reiterate WSLabi’s position -- that the purpose for the marketplace facility on WSLabi is to enable security researchers to get a fair price for their findings and ensure that they will no longer be forced to give them away for free or sell them to cyber-criminals.

"A market driven approach, cannot be unethical by definition unless we want to rewrite the fundamentals of our economy. The critics should address the current status-quo, where security researchers are not able to find a way to gain legitimately from their job therefore turning sometimes to the black market", said Roberto Preatoni.

According to WSLabi, researchers can submit their findings to the exchange once they have registered. WSLabi will then verify the research by analysing and replicating it at their independent testing laboratories. They will eventually package the findings with a Proof of Concept; this can be sold to the marketplace via three methods from the marketplace platform:

Starting an auction, predefined starting price
Selling to as many buyers as possible at a fixed price
Selling it exclusively to one buyer

WSLabi will also help researchers to design the best business model (e.g. selling schemes, starting selling price etc.) which will enable them to maximise the value of their findings. For example, a piece of research that would currently sell to one company on an exclusive basis for USD300 - USD1000 could sell for ten to twenty times more than this amount using the portal.

“The idea behind an exploit marketplace is certainly something new and WSLabi has had its fair share of criticism from the very start. This is a rare chance for the audience to hear first hand from the guys behind WabiSabiLabi and how it fits in to the world of exploit writing” said Dhillon Andrew Kannabhiran, Founder and Chief Executive Officer for Hack In The Box.

For more information, please visit the following links:

HiTBSecConf2007 Malaysia (http://conference.hitb.org/hitbsecconf2007kl)
WabiSabiLabi (http://wslabi.com/)