HP Active Countermeasures (HPAC) Service

I was aware of HP's 'Active Countermeasures' since 2005. I believe that HP-UX is a very insecure unix (compared to other famous ones) but they want to be active in securing other servers with various operating systems. Believe it or not, HP is planing to give penetration testing service to costumers:

The HPAC team will use hacking techniques to gain control of clients' systems. They will use exploit code for known vulnerabilities found on the Internet, or write their own exploit code. The HPAC team won't fix problems themselves, but will alert customers and work with them if necessary until the issue is resolved. We're most concerned with 'wormable' vulnerabilities — ones that can be exploited using worms, as they have the largest impact on business," said Brown. ('HP: Hacking techniques help security')

Yes, they will write their own exploit code if necessary. First mr.scriptkiddy registers for the service. Then he monitors/logs to see what is performed on his machine by HPAC. Then he has the HPAC's-only-for-testing-purpose exploit code. Finally he uses it against other machines. HP will be his fresh source of new exploits.