Apple's legal fight with the FBI over iPhone encryption--and the FBI's highly-publicized purchase of a hacking tool to defeat that encryption--put a new spotlight on the shadowy market for software vulnerabilities. Who discovers, buys, and sells these "vulns" and the hacking tools that rely on them? When should the government disclose the vulns it buys or discovers, and how can software companies convince bug-hunters to disclose vulns so they can be fixed, rather than selling them to criminals or governments? Experts with expertise ranging from Silicon Valley to the White House to the hacker community will debate and discuss the latest developments around these controversial questions.