1. Arora, A., Telang, R., Xu, H.: Optimal policy for software vulnerability disclosure. In: Workshop on the Economics of Information Security (WEIS), University of Minnesota, Minneapolis, MN (2004), http://www.dtc.umn.edu/weis2004/xu.pdf

2. Arora, A., Krishnan, R., Telang, R., Yang, Y.: An empirical analysis of vendor response to software vulnerability disclosure. In: Workshop on Information Systems and Economics (WISE), University of California, Irvine, CA (2005)

3. Nizovtsev, D., Thursby, M.: Economic incentives to disclose software vulnerabilities. In: Workshop on the Economics of Information Security (WEIS), Harvard University, Cambridge, MA (2005), http://infosecon.net/workshop/pdf/20.pdf

4. Rescorla, E.: Is finding security holes a good idea? In: Workshop of Economics and Information Security (WEIS), University of Minnesota, Minneapolis, MN (2004), http://www.dtc.umn.edu/weis2004/rescorla.pdf

5. Anderson, R.J.: Why information security is hard – An economic perspective (2001), http://www.cl.cam.ac.uk/~rja14/econsec.html