About Us
Discovery as the first line of defense
Proactive vulnerability research uncovers flaws before attackers can exploit them. TrendAI™ Zero Day Initiative™ (ZDI) gives researchers the platform, support, and recognition to turn their discoveries into protection for organizations and users.
About TrendAI™ ZDI
TrendAI™ Zero Day Initiative™ (ZDI) is the world's largest vendor-agnostic vulnerability disclosure program. Built on a global network of independent security researchers, internal experts, and long-standing vendor partnerships, TrendAI™ ZDI serves as a trusted channel for discovering, validating, and responsibly disclosing zero-day vulnerabilities across software and critical systems.
TrendAI™ ZDI was established in 2005 to encourage researchers to report zero-day vulnerabilities privately and responsibly to affected vendors at a time when the industry struggled with coordinated responses, recognition for researchers, and misconceptions about people who discovered security flaws.
TrendAI™ ZDI introduced a new model for the industry by providing:
- A vendor-agnostic bug bounty program where researchers are financially incentivized to submit vulnerabilities.
- A structured disclosure process that removes friction between researchers and vendors.
- A global community of skilled researchers who can improve security without navigating the complexities of vendor relationships.
Over two decades, TrendAI™ ZDI has scaled into one of the industry's most influential coordinated disclosure platforms. Today, more than 19,000 independent researchers contribute to TrendAI™ ZDI, supported by TrendAI™'s research teams across 14 global threat centers. Through TrendAI™ ZDI, they disclosed more verified vulnerabilities in 2024 than all other participating programs combined.
Making vulnerability research and intelligence more effective
TrendAI™ ZDI's work is anchored on three pillars:
Amplify the effectiveness of vulnerability research
By creating and nurturing a community of skilled external researchers, TrendAI™ ZDI extends the reach and depth of TrendAI™'s teams and broadens visibility into emerging vulnerabilities.
Encourage responsible disclosure through structured incentives
Financial rewards and predictable timelines give researchers a trusted workflow for reporting zero-day vulnerabilities.
Protect customers before vendor patches are released
TrendAI™ ZDI strengthens the intelligence behind TrendAI™'s exploit detection, risk scoring, and early protection filters, turning verified findings into safeguards that can be deployed before affected vendors ship their patches.
From Pwn2Own breakthroughs to coordinated disclosures across critical industries, TrendAI™ ZDI is the engine of research, collaboration, and proactive protection that continues to shape how the industry responds to vulnerability risk.
Disclosure process
TrendAI™ ZDI's disclosure process is designed to ensure that vulnerabilities are handled responsibly, and not resold, redistributed, or censored. Every vulnerability acquired through the program is managed according to the TrendAI™ ZDI disclosure policy, which guarantees consistency, transparency, and predictable handling for researchers, vendors, and the public.
An end-to-end disclosure process built to protect the digital ecosystem
Each submission begins with validation. TrendAI™ ZDI verifies the vulnerability, confirms its impact and severity, and documents the technical details required for the vendor to reproduce the issue. Once validated, the researcher receives their reward, and the issue is privately shared with the affected vendor.
TrendAI™ ZDI then works with the vendor throughout a time-bound coordination window to help them understand the root cause, assess fix feasibility, and develop a patch. During this period, TrendAI™ deploys protection filters for its customers without revealing sensitive exploit information.
When the vendor releases a patch, TrendAI™ ZDI publishes a full advisory. The advisory includes technical details, credit to the submitting researcher (unless they choose to remain anonymous), and links to the vendor's patch.
If a vendor does not produce a fix or declines to address the issue within the coordination timeline, TrendAI™ ZDI may publish a limited advisory to protect the broader public while withholding information that could enable exploitation. TrendAI™ ZDI may also share sanitized information with other security vendors and researchers to extend protection beyond Trend customers.
This process ensures that vulnerabilities are validated, responsibly coordinated, and never "swept under the rug," while still keeping the global ecosystem protected at every step.
Researcher experience
TrendAI™ ZDI offers vulnerability researchers a consistent process for responsible disclosure, fair compensation, and coordinated engagement with vendors.
A trusted bridge between research, recognition, and remediation
If you discover a vulnerability, TrendAI™ ZDI provides a clear path to getting it validated, rewarded, and disclosed. You can submit your finding through our secure researcher portal. TrendAI™ ZDI manages the vendor coordination from that point forward.
Once your report is received, TrendAI™ ZDI validates the vulnerability, confirms its severity, and issues a formal monetary offer. When you accept the offer, payment is processed, and the case enters the vendor coordination phase. At the same time, you begin earning points in TrendAI™ ZDI's researcher rewards program, where yearly point totals unlock bonus multipliers, higher payout tiers, and eligibility for additional incentives. Researchers who consistently contribute high-impact findings may also receive invitations to Pwn2Own competitions, special research programs, and community initiatives. TrendAI™ ZDI imposes no limit on the number of reports researchers can submit, and repeat contributors benefit from loyalty bonuses and priority processing.
TrendAI™ ZDI handles all communication with the affected vendor, including root cause clarification, patch feasibility questions, patch timelines, and disclosure scheduling. We keep you updated through the researcher portal. You can choose to be publicly credited in the advisory, remain anonymous, or use a pseudonym.
TrendAI™ ZDI guarantees that your work will not disappear into a backlog or remain undisclosed due to vendor inaction. Every case is tracked, managed under a defined timeline, and disclosed according to our disclosure policy even if a vendor declines to issue a patch. This ensures that your research leads to defensive improvements across industries.
By contributing to TrendAI™ ZDI, you join a global community of more than 19,000 independent researchers working together to improve security across critical infrastructure, enterprise platforms, consumer technologies, and industrial systems. Your discoveries drive protections used by millions worldwide, and TrendAI™ ZDI ensures they are recognized, rewarded, and put to work.
Vendor coordination
TrendAI™ ZDI works directly with software vendors around the world to ensure vulnerabilities are understood, reproduced, and remediated safely. As one of the most trusted disclosure partners in the industry, TrendAI™ ZDI provides vendors with verified, actionable intelligence that supports timely and effective patch development.
Vulnerability intelligence sharing built on collaboration and trust
TrendAI™ ZDI is a long-standing partner to major software vendors, cloud platforms, industrial technology providers, and global CERT organizations, forming a collaborative network for responsible vulnerability remediation. Once a security flaw is verified, TrendAI™ ZDI provides the vendor with a complete technical dossier, which includes proof of concept, reproducible steps, severity assessment, and insights into the exploitability of the issue.
Vendors are given a standard coordination window of 120 days under TrendAI™ ZDI's disclosure policy. For flaws that result from incomplete or problematic security patches, TrendAI™ ZDI shortens the window to 30, 60, or 90 days, depending on multiple factors. (The details of our failed patch disclosure policy can be found here.) If a vendor fails to respond within 15 business days of first contact, TrendAI™ ZDI may escalate to a limited public advisory to protect users.
Throughout this process, TrendAI™ ZDI helps clarify technical details, answers vendor questions, checks the completeness of the fix, and ensures that the patch addresses the root cause rather than a partial remedy. When the vendor issues a patch, TrendAI™ ZDI publishes a joint advisory with full credit to the researcher (if they choose) and links to the vendor's fix.
If a vendor refuses to patch or remains unresponsive, TrendAI™ ZDI may publish a full or limited advisory so that other security vendors and customers are aware of the risk. In certain cases, TrendAI™ ZDI shares sanitized vulnerability intelligence with other security companies to broaden protection beyond TrendAI™'s customer base.
This proactive workflow enables TrendAI™ ZDI to serve as an effective bridge between researchers, vendors, and defenders, making sure that disclosures result in timely remediation for the global community.
Ecosystem protection
The vulnerability intelligence from TrendAI™ ZDI's global researcher community feeds into the defenses that secure the public sector, telecommunications networks, healthcare systems, industrial and OT environments, cloud ecosystems, and widely deployed enterprise and consumer software.
Shaping long-term, global digital resilience
Each validated submission enables early protection and coordinated remediation. TrendAI™ deploys detection and prevention filters across endpoints, network layers, and cloud workloads before vendor patches are released, narrowing the attacker's opportunity to weaponize a flaw. At the same time, TrendAI™ ZDI manages a controlled disclosure process that keeps vulnerability information from being leaked, delayed, or overlooked. Vendors receive structured intelligence, security teams have clearer timelines to prepare, and organizations stay protected as fixes are developed.
TrendAI™ ZDI's research and the breakthroughs demonstrated at TrendAI™ ZDI's Pwn2Own contests influence how modern systems are engineered and secured. Over the years, this work has led to more resilient operating systems, safer virtualization platforms, stronger fallback protections for industrial systems, more robust configurations for cloud and container workloads, and fewer entry points via everyday apps and enterprise tools.
These improvements are the cumulative result of consistent, validated vulnerability intelligence feeding directly into product engineering, patch development, and long-term platform and software design.
AI-powered defense
TrendAI™ ZDI provides validated vulnerability intelligence that strengthens TrendAI™'s AI-powered capabilities. This gives organizations clearer foresight into which vulnerabilities attackers are likely to target next, improving prediction, prioritization, and overall defensive readiness.
Vulnerability intelligence that makes AI security smarter and more reliable
TrendAI™ ZDI's research feeds directly into TrendAI™'s AI-powered security solutions, becoming part of the data foundation that informs exploit prediction, shapes assessments of attack surfaces, and drives automated risk prioritization across TrendAI Vision One™, TrendAI™'s AI-powered enterprise cybersecurity platform.
With TrendAI™ ZDI, TrendAI Vision One™ has rich, structured data and early awareness of exploit techniques, reproducible vulnerabilities, and real-world attack patterns. These inputs generate clearer and more reliable guidance on vulnerabilities, exploits, and attacks. TrendAI™ ZDI intelligence also strengthens the predictive analytics that identify vulnerabilities likely to be targeted, enhances exposure management by showing where defenses are weakest, and supports automated prioritization that enables security teams to respond faster.
This integration allows enterprises to act before a vulnerability becomes an entry point for compromise. TrendAI™ ZDI ensures that TrendAI™'s AI-driven, prevention-first capabilities are shaped not only to detect attacks, but to anticipate them and reduce risks.
Intelligence + Collaboration = Impact
TrendAI™ ZDI orchestrates the collaboration that transforms vulnerability intelligence into coordinated fixes that strengthen products, platforms, and critical systems worldwide. See our impact so far, and how your contribution can shape what comes next.
Move the world's defense with responsible intel
Earn rewards and contribute to the world's largest vendor-agnostic vulnerability disclosure program.
Fix the flaw before it becomes the story
Work with TrendAI™ ZDI to validate findings, coordinate fixes, and reduce exploitability across your product ecosystem.
Stay ahead of threats before they impact your business
Leverage TrendAI™ ZDI's vulnerability intelligence to harden your systems and protect your organization.
Get the facts behind the findings, fast
We answer your important questions about TrendAI™ ZDI's mission, research, disclosures, and coordinated vulnerability process.