score by collisions, patch by panic
Summary
The article argues for a new severity model based on collision counts among researchers and patches rather than reports alone. It covers the independent researcher problem, guidance for bug hunters, and practical basics for corporates, such as defense in depth, runtime validation, virtual patching, and ephemeral infrastructure, to reduce risk during incidents.