In the Front-Page cyber-security article at the beginning of this module Zerodium was identified as an entity that sells its knowledge of bug bounties to mainly government organizations who need specific and tailored cyber-security capabilities and protective solutions. To what extent do you think governments are gathering information on zero-day exploits and then using them or holding them in reserve for the future? Should this be the work of a government? Or should a government who has knowledge of a vulnerability make that information known to the public so that its citizens can secure their systems to be resilient against attacks?