Pwn2Own, run by HP’s Zero Day Initiative, is a hacking contest which challenges security researchers to demonstrate flaws in popular consumer and enterprise software platforms. HP analyzes the information disclosed at Pwn2Own to improve the company’s products and research, and also provides the information to the affected vendors to improve the security of the products for end users.
Pwn2Own began in 2007 as a small demonstration at CanSecWest security conference, and has evolved to one of the most well-known security contests in the industry, with prizes of over $100,000 offered for the most challenging exploits. The contest rules have changed year over year to address the current threat landscape, expanding to a wide range of browsers, operating systems, plugins and mobile targets. The disclosure method at Pwn2Own is one of the best forums that exists for vendors and researchers to have direct access to each other to discuss a particular vulnerability in real-time. This type of intelligence sharing and collaboration is crucial for improving security for enterprises and end users.
HP Zero Day Initiative and Pwn2Own are part of HP Security Research, which conducts innovative research and delivers intelligence to the full portfolio of HP Enterprise Security products to provide industry-leading protection against the latest threats. Security research publications and regular threat briefings complement the intelligence delivered through HP products and provide insight into the future of security and the most critical threats facing organizations today.