Security management company Secunia is setting itself up as an ‘honest intermediary’ through which independent researchers can report and have security vulnerabilities checked out at no cost. The Secunia Vulnerability Coordination Reward Programme (SVCRP) will offer vulnerability researchers a more flexible scheme through which flaws can be reported. The idea is to fill in the yawning gaps in current rewards programmes, where researchers are only paid on the basis that their reported flaws have a commercial value to the company running the programme or to the affected vendor.”]