Follow the money
How to make money running a clearinghouse, and why the business model is the trust model.
The Athena partner program is free.
Here's what that means. Athena pools pre-disclosure vulnerability findings — the things models are surfacing in open source before anyone else knows they exist. Some of the organizations best positioned to act on that information don't ship software at all. They run the networks. We have partners that sit in the infrastructure and network path, able to block exploitation of a vulnerability before disclosure ever happens — no patch required, no action from anyone downstream. We hand them findings with just enough time to act on them.
To us, giving that away makes perfect sense. It surprises almost everyone we talk to. One of these partners kept asking me the same question while we were onboarding them: "You understand we're going to charge our customers extra for this, right? And you don't care?"
He asked three times. I said yes three times. I think he thought I'd misheard.
I hadn't. That advance notice is the most monetizable information in the security industry. It's also the most useful for the world. We're giving it to them for nothing, they're building a premium paid service on top of it, and I couldn't be happier about it.
Maybe the surprise is fair, though. Everyone announced a clearinghouse this summer. I wrote about why last time, but go back and read those announcements and you'll notice something missing from almost every one: the business model. Nobody says who pays, for what, or why. The five-billion-dollar one finally published theirs last week, kind of: the clearinghouse itself is the premium tier — it's right there in the name — gated to a single industry, priced by the package. I've read it a few times now, and I still can't tell you which way the money points. If that's the going model, then sure — free sounds strange.
It’s worth saying that government efforts are a different animal — they’re part of all of this but exist to serve critical infrastructure and government use cases. Look at them as parallel programs that will work with industry, not a replacement.
So let me explain why, and how we think about commercializing all of this. Because when you're deciding who to trust with a loaded weapon, how they make money off it is the single most important thing you can know about them.
The third question
Last time I gave you two questions to ask any company pitching you a clearinghouse: how fast do findings become fixes, and how many of those fixes land upstream. Here's the third: how do you make money on this, and from whom?
Follow the money, and you learn everything. Whether the pool will flow or fester. Whether findings get upstreamed or hoarded. Whether the whole thing survives past the hype cycle or quietly disappears when the headlines move on.
So here's ours. All of it. I'm writing it down so you can hold us to it, the same way I told you to hold everyone else.
Three principles, in order
The entire model falls out of three principles:
Secure the world.
Secure all of our customers.
Secure the participants in the clearinghouse.
The order matters more than the principles. When they conflict — and they conflict constantly — the one higher on the list wins. Everything below is just these three lines converted into a price list.
One ground rule before the prices, restated from last time: a private feed that anyone can join isn't private. It's public with extra steps. A clearinghouse is a set of decisions about who's in the room, and those decisions are exactly what gets priced.
Who's in the room
Four kinds of people show up at a clearinghouse: people sending findings, people with rules about their findings, partners who can use the data to protect others, and customers who want the fixes. The same organization sometimes wears three of those hats at once. Keep the hats straight, and the money map turns out to be simple.
Here's the whole model in one sentence: everyone who makes the world safer rides free, and the people who pay are the ones creating work.
What the finders are actually holding
Start with where the findings come from, because it explains everything about the value we provide.
Nobody is scanning open source on purpose. The findings are exhaust. You point a model at your own application and say, "break this," and the model does not care about the line between the code you wrote and the code you imported. It chains straight through some dependency three layers down that you've never heard of.
The flaws in your own code, you just fix. You own that code. But now you're holding a working exploit for code that isn't yours. You can't fix it. You can't publish it. You can't ethically sit on it. And even if ethics isn't your thing, self-interest lands you in the same place: we're all in one big supply chain together, and you're not secure until everyone you rely on patches too. It's a loaded weapon, and every day it sits in your possession, it's pure liability — legal, security, reputational, take your pick.
That's what we sell finders: custody. We take the dangerous thing off their hands, dedupe it against everyone else's findings, trace where else the pattern appears, build the fix, drive it upstream, and orchestrate the protection layers around it. They go back to their actual jobs.
Nobody's doing this solely out of the goodness of their hearts, and neither are we — though I do believe it's possible to do good and do well at the same time. But here's the thing about even the most mercenary finder: they want this information handled with care and used for the maximum benefit of everyone. Cybersecurity is still us versus them — all of us, including the companies I compete with, against the people attacking us. I've never met anyone in this industry who wanted their findings handled carelessly.
Free tomorrow
So here's the first price: if you have findings and don't care when or who we tell, we'll sign you up for free tomorrow. No invoice. Welcome aboard. And even if you don't care what happens next, we do — we're going to follow the principles above and handle it responsibly, same as everything else in the pool.
Why free? Because every finding we take in protects every one of our customers, and once it's upstreamed, everyone else too. Principle one is doing the pricing. Charging a toll at the front door of the thing that helps the world most would be the dumbest possible place to put friction.
This tier is also the control group for everything that follows, and here's what that means concretely: it's the same intake, the same factory, the same push upstream you'll see in every paid tier below. Nothing about the finding itself gets better because someone pays. So when a price does show up later, you'll know exactly what it's a price for — because you've already seen what the free version looks like with nothing added. Hold that baseline in mind. Everything else in this piece is a variation on it.
Who's actually in charge (not us)
Before the part where money changes hands, it's worth being blunt about the power dynamic, because everyone has it backward.
The fear is that a clearinghouse becomes the arbiter of disclosure — some central authority deciding what the world learns and when. That is not the seat I'm sitting in. The people who find this information control all of it. I can't dictate their terms. If I do something a submitter doesn't want, they stop paying me, or they stop sending me things, and then I can't help anyone. There are other clearinghouses. Switching costs one disclosure period. The findings walk out the door and don't look back.
A clearinghouse doesn't own the pool. It competes for it, one finding at a time.
Which is why submitter terms are honored and priced rather than refused. Refusing someone's embargo doesn't make the fix public. It just routes the finding somewhere with worse throughput, or nowhere at all — and then nobody gets protected, which violates all three principles at once.
We charge for the strings
Every data business ever built charges for access. We charge for restrictions.
If you show up with rules — an embargo timeline, a list of who's allowed to know, control over the disclosure — now we have to charge you. And you might want to show up with rules! This isn't a penalty. It's that your rules cost real money, three ways.
First, custody risk. An unpatched, undisclosed exploit is the most valuable target in the industry, and defending that channel to the bar it requires isn't cheap. The longer your timeline, the longer we're holding your weapon.
Second — and this is the one that actually stings — the withholding cost. We build the fix. We test it, sign it, and stage it. And then we can't ship it to our own customers yet, because we agreed to your terms. You're paying us to act against principle two. Every day of your embargo, I'm sitting on protection that my customers don't have. That should cost you, and it does.
Third, upstreaming labor. Landing a fix in the source — finding the maintainer, earning their trust, getting the patch accepted, handling the whole messy middle — is hard human work. It's also the only work that shrinks the problem instead of managing it.
Notice what the paid tier is, exactly: same finding, same factory, same push upstream as the free tier. The delta is the strings, and nothing else — the control group, again, doing its job.
And to be clear about the thing someone is already typing into a quote-tweet: nobody is ever less protected because someone else paid. Every customer gets protection the moment anything in the pool is disclosed. What a paying submitter gets is protection on their own findings from day minus-thirty instead of day zero — earlier for them, never later for anyone else. And everyone gets everything eventually, at no extra charge.
The partners ride free
Back to the guy on the phone.
You already know what his company does with the data — the shield in front of the world's critical infrastructure, exploitation blocked before disclosure ever happens. What I didn't tell you yet is who that shield is for: the water plants, the hospitals, the pipelines, and the grids. The rural water plant with one IT person was never going to patch inside the window. Now it doesn't have to. Most of the people behind that shield will never know there was anything to be protected from.
They're packaging that protection as a paid service, and their customers will pay extra for it. That's what he kept asking me about — whether I understood he was going to make money on data we're giving him for nothing.
I understood fine. We could charge for that advance notice. It is, by a wide margin, the most monetizable thing we have. We give it away, and the partners we've onboarded — the ones positioned to protect the most people — can charge whatever they want for what they build on it, with my blessing. Because the revenue is what makes the coverage durable. A protection layer that makes money is one that's still standing next year. That's the money pointing in the same direction as the protection, which is the entire thesis of this post in one transaction.
I'm not building a data business. I'm building a platform: get good information into the hands of anyone who can do something useful with it, and get out of the way. Giving away your most monetizable asset is either principled or idiotic. Ask me in three years which one it was.
There is no clearinghouse SKU
A lot of our submitters fall into one more bucket: they want fixes for the things they found, and they want them immediately. We absolutely charge for that.
But not extra. Those fixes come through the same products that already existed — the same registry, the same images and libraries, the same price, whether the finding came from their own red team, a frontier lab, or a public advisory anyone can read. "I found this, and I need the fix in my registry yesterday" isn't a premium tier. It's called being a customer.
This matters more than it looks. The price of protection did not change when the findings got scarier. There is no panic tax. The only new line item the clearinghouse created is the string-handling, and it's billed to the people holding the strings.
Last time I said Athena was the least important thing we built — same machine, new pipe. Turns out it's the same invoice, too.
The thermostat
Now look at the incentive gradient all of this creates, because it's my favorite part.
Most vendors price to maximize strings. Lock-in, exclusivity, longer contracts — the strings are the business model. Ours charges you for them. Fewer strings, smaller bill. Zero strings, free. The pricing pushes every submitter toward shorter embargoes and looser terms, which is exactly the direction the pool needs to move. Last time I told you the pool is a flow, not a vault, and that a backlog is the leak surface. The pricing is a thermostat set at the same setting.
And here's the thing: it's the only lever we have. I just told you I can't dictate anyone's terms — the finders hold the power, and mandates make them walk. What's left is making openness the cheapest option and being good enough at the job that people choose it anyway. Incentives are the whole game when you have no authority. That's not a weakness of the model. That's the model.
So here's a line you can hold me to: if revenue from embargo handling is growing as a share of our business, something is wrong. The healthy state is submitters graduating toward fewer strings, not more.
Everyone's worried about our revenue except me
I wake up every day thinking about this program. Usually, after falling asleep late thinking about it. And the thing I think about is never the revenue. It's how to make it the most useful thing for the world.
I appear to be alone in this. The partner on the phone couldn't believe I wasn't charging him. A CISO at one of the most important banks in the world has told me repeatedly that I need to figure out how to charge for this — he was worried I wasn't thinking about it enough. My board asks me every day if we're charging enough for it.
Sit with the CISO one for a second, because it's the thesis of this post talking back to me. He wasn't negotiating me down. He was telling me to charge him. When your customer is worried about your revenue, what he's actually worried about is whether the thing he depends on will still exist in three years. "Charge me" is a trust signal, from the other side of the table.
So here's my honest answer to all of them: I don't care how much we charge for it. We're trying to change the way the world consumes open source. Revenue is important, sure. I'm not dumb. But revenue three to five years from now is a lot harder to get than revenue now. Squeezing the clearinghouse today is easy money and a small number. Being the place the world sends its findings is hard money and a compounding one. I'll take the second trade every time.
The flywheel and the exit
Run the three principles in a loop, and you get the flywheel. Be the most useful clearinghouse for the world, and the findings come to you — nobody can find everything alone, and the pool is the payback. More findings mean our customers get the best protection anywhere. That funds the machine. The machine helps the world more. Around it goes, each principle feeding the one above it.
Which leaves the question I dangled at the end of the last post and nobody asked. I said the clearinghouses that matter are racing to make themselves unnecessary. Fine. So how do you make money on something designed to disappear?
You don't. That's the answer. A clearinghouse that is the business model can't afford to succeed, because success is silence — the day secure-by-design code starts coming back empty from the models, a standalone clearinghouse business starts starving. And a starving business will find reasons to keep the problem alive.
Ours can go idle without anything collapsing, because the clearinghouse was never the product. The factory was, and the factory has work either way.
The day Athena goes quiet, we don't lose a business. We win the bet.
Further reading
The hardest fork — the threat, and what has to change.
The Maintainer of Last Resort — Plan B, in detail.
Summer of Clearinghouses — why these exist, and the first two questions.
Athena — the coalition itself.
Share this article
Related articles
- open source
Expanding Athena
Dan Lorenc, Co-founder and CEO
- open source
The State of Trusted Open Source: June 2026
Sam Katzen, Director, Product Marketing, and Sasha Kelly, Product Analyst
- open source
The Maintainer of Last Resort
Dan Lorenc, Co-founder and CEO
- open source
Docker Hodgepodge Images
Chris Carty, Enterprise Sales Engineer
- open source
Open source died in March. It just doesn't know it yet.
Dan Lorenc, Co-founder and CEO
- open source
The State of Trusted Open Source: March 2026
Ed Sawma, VP of Product Marketing, and Sasha Itkis, Product Analyst