Description
Total length of the course: <1 hour
China has built one of the world's most sophisticated vulnerability research ecosystems, but it operates under rules that look nothing like the open disclosure culture found elsewhere. In this conversation, explore how talent is recruited and developed, how the state shapes researcher incentives through competitions, reporting requirements, and penalties, and where the line between independent security research and state-directed offensive cyber activity actually lies.
Content details
Who are the main actors involved in the modern Chinese cyber hacking and vulnerability research ecosystem?
You don't currently have access to this content
What is the function of government-sponsored hacking competitions in China?
You don't currently have access to this content
Are Chinese vulnerability researchers allowed to participate in international hacking competitions?
You don't currently have access to this content
How has the ban on foreign live hacking competitions like Pwn2Own influenced China’s domestic vulnerability scene?
You don't currently have access to this content
Beyond hacking competitions, how does China recruit young talent and students into its offensive cyber programs?
You don't currently have access to this content
What are the typical career trajectories for individuals entering China’s offensive cyber ecosystem?
You don't currently have access to this content
How blurred is the line between patriotic hacking and state-sanctioned cyber activity in China?
You don't currently have access to this content
How do Chinese vulnerability researchers balance bug bounty incentives with state reporting requirements?
You don't currently have access to this content
What penalties exist for researchers who disclose vulnerabilities publicly without government approval?
You don't currently have access to this content
What level of oversight does the Ministry of State Security (MSS) have over private security vulnerability research?
You don't currently have access to this content
Are there black or grey markets for zero-day vulnerabilities and exploits within China?
You don't currently have access to this content
What role do Chinese vulnerability databases play compared to global CVE systems?
You don't currently have access to this content
How mature and professionalised is China’s vulnerability discovery ecosystem today?
You don't currently have access to this content
Has China’s vulnerability disclosure policy affected its relationships with major global software vendors?
You don't currently have access to this content