Secunia supports and contributes to the security community by conducting independent vulnerability research as well as by verifying vulnerability information disclosed elsewhere. Furthermore, Secunia sponsors the single most important vulnerability and IT-security mailing list on the Internet today: the Full-Disclosure mailing list.

Community

While Full-Disclosure is being seen as radical by many not knowing how the security community works, it is in fact a crucial part of the infrastructure in the security community as it is the only significant security list not being moderated by a commercial entity with its own hidden agenda.

Though Secunia often disagrees with the conclusions being drawn on Full-Disclosure or some of the irresponsible disclosures being made, Secunia never attempts to intervene - in fact Full-Disclosure is out of Secunia's control and is solely run by John Cartwright who has been active in maintaining Full-Disclosure since it was launched by Len Rose and John Cartwright in 2002 as an alternative to the moderated and biased lists predominant at the time.

Credits

It is also important for Secunia that all researchers and others who provide significant information about specific vulnerabilities are credited in a proper manner. That is why each Secunia Advisory contains a credit section and concludes with the following:

"Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others."

Secunia's team of Security Specialists is happy to co-operate with independent security researchers and help with the conclusions, further research, and contact to vendors.