As we discussed in the first blog post of this series, Bugcrowd believes that public disclosure of vulnerabilities is a healthy and important part of the vulnerability disclosure process, and encourages organizations and researchers to work together to share information in a coordinated and mutually agreed upon manner. But why? To quote Bruce Schneier,
"Secrecy prevents people from accurately assessing their own risk. Secrecy precludes public debate about security, and inhibits security education that leads to improvements. Secrecy doesn't improve security; it stifles it."