Don't pay those pesky criminals to show how it was done, pay IBM's Managed Security Services instead.
Those pesky criminals spread doubt and fear in order to make money...
At least 30 companies have been hit in the past year by so-called "bug poaching," where hackers break into corporate servers, steal data, and then demand a fee for showing how it was done. The technique, spotted by IBM's Managed Security Services researchers, involves miscreants breaking into a corp's servers, typically using …
Like finding something first and then offering pricing for the vulnerability report and recommendations ?
We at Deloitte are deeply concerned by this modus operandi. Could you uphold best practices and charge BEFORE the consultation ?
your local IT Consulting Partner"
Give them some money, then impress on them to become contracted analysts for your company.
Convince them you're InfoSec team is young and inexperienced...so they can use a consultant.
Fly them in to sign the contract and collect their bonus.
...then ask the officer to come into the room and slap the cuffs on them.