Undiscovered software vulnerabilities are worth many thousands of dollars on the right market.
Speaking of HBGary, their collection of 0-days is apparently a major reason they could charge 60k for their standard rootkit and could plan to charge up to 240k for their new rootkit: http://arstechnica.com/tech-policy/news/2011/02/black-ops-how-hbgary-wrote-backdoors-and-rootkits-for-the-government.ars
Undiscovered software vulnerabilities are worth many thousands of dollars on the right market.
Speaking of HBGary, their collection of 0-days is apparently a major reason they could charge 60k for their standard rootkit and could plan to charge up to 240k for their new rootkit: http://arstechnica.com/tech-policy/news/2011/02/black-ops-how-hbgary-wrote-backdoors-and-rootkits-for-the-government.ars