Publishing something that reads like a disclosure of a vulnerability but ends with a pitch is in slightly poor taste. As is signing up to defend someone's advertorial!

If a company discloses vulnerabilities, they can't also then write that their product can actually help mitigate those vulnerabilities? So, you want them to offer problems without solutions?

I get that ideally the company would offer a slew of solutions across many companies, but this is still good, no?

I mean it looks like finding vulnerabilities is central to this company's goal, which is why they employ many researchers. I'd imagine they also incorporate the mitigations for the vulns into their product. So it's sort of weird to be "against" this. Like, do you just not want companies who deal in selling cybersecurity solutions simultaneously involved in finding vulnerabilities?