The speaker discusses their approach to reporting vulnerabilities to vendors and a dead man's switch strategy they use to make sure vulnerabilities are addressed in a timely manner, citing the example of Trend Micro publicly disclosing zero days on HP due to the vendor not fixing their vulnerabilities quickly enough.