Application: Open Source Software

How Hacking Competitions help create a safer Computing Environment for everyone...
 A PHI 3626 (Advanced Ethics in Science and Technology) Project


Both DEFCON and PWN 2 OWN serve, to different extents, to expose security risks so that they can be fixed. The problem is that hacking itself carries a negative connotation because of how it is portrayed in the popular media.

One method that applies the concepts of DEFCON and PWN 2 OWN without carrying the negative connotations of hacking is the development and maintenance of Open Source Software.

Open Source Software (OSS) is software that is usually freely distributed, but unlike most freeware, whose source code is usually not publicly divulged, OSS usually includes the complete source code for the program in the installation medium, or makes the source code publicly available, under a license that lets people use it and, in most cases, modify it and/or include it in other applications.

In the context of fixing security vulnerabilities, OSS provides the benefit of access to how a program works behind the scenes (the source code), which makes finding, testing, and fixing vulnerabilities much easier than in closed-source software, where vulnerabilities must be found from the outside (by black-box testing, fuzzing, or reverse engineering the compiled binary), and where those who find a vulnerability are not usually in a position to fix it: they can only report it to the vendor and wait for a patch.

In any computer program, the number of potential security vulnerabilities rises with the amount of source code the program contains: more code means more places for a mistake, which is why defect counts are commonly estimated per thousand lines of code.

In large programs (10 thousand lines of code or more), OSS becomes crucial in post-release debugging, because every user is a potential debugger, to the extent of that user's coding proficiency; whereas if a bug is found in a popular closed-source program, even if it is reported, the number of people in a position to find its cause is orders of magnitude smaller than the number of users of that program. The caveat is that an available source only helps if someone actually reads it: source access is an opportunity for review, not a guarantee that review happens.

An example: Software A is OSS and Software B is closed-source. Both have the same number of users.
Both have one bug that the development team missed.
Both programs have the same target audience: system administrators, so every user is assumed to be able to find the cause of the bug if given the source.
Both bugs have a 1 in 10 (10%) chance of manifesting every time the program is run.
Software A has the debugging manpower of its entire user base, while
Software B has the debugging manpower of its development team.
The bug in Software A is therefore likely to be traced to its cause, and fixed, sooner than the one in Software B: users of Software A can get a general idea of where the bug resides while the program is running, and, depending on their coding proficiency, may be able to send the developers a source code patch that fixes it.
Even if a user of Software B observes the bug, without the actual source code that user can only report the symptom, and depends on being able to reach the development team of Software B in order to get the bug fixed.
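The comparison above is really a probability argument, and it can be made concrete. The Python model below is an added example, not part of the original project page; it uses the page's figure (a bug that manifests on 10% of runs) and adds two assumptions of its own: a user base of 1,000 system administrators for both programs, and a five-person development team for Software B. It separates observing the bug (anyone who runs the program can do that) from diagnosing it (only someone with the source can), which is the distinction the example turns on.

```python
"""Model of how quickly a bug gets observed and diagnosed under the
Software A (OSS) vs Software B (closed-source) example.

Added example, not code from the original page. Assumptions beyond the page:
  - 1,000 users of each program, all able to read code (sysadmin audience)
  - a 5-person development team for Software B
  - each person runs the program once per "round" (e.g. once a day)
"""
import random

P_BUG = 0.10     # page's figure: the bug manifests on 1 in 10 runs
USERS = 1000     # assumption: identical user base for A and B
DEV_TEAM = 5     # assumption: size of Software B's development team


def prob_any_hit(p, trials):
    """P(at least one of `trials` independent runs triggers the bug)."""
    return 1.0 - (1.0 - p) ** trials


def per_round(p, users, team, open_source):
    """Per-round probabilities for one of the two programs.

    Everyone (users and developers) can *observe* the bug when it fires.
    Only someone with the source can *diagnose* it: with OSS that is every
    user plus the team; with closed source it is only the development team.
    """
    observers = users + team
    diagnosers = users + team if open_source else team
    q = prob_any_hit(p, diagnosers)
    return {
        "observed": prob_any_hit(p, observers),
        "diagnosed": q,
        # rounds are independent trials, so the wait for the first
        # diagnosable hit is geometric with mean 1/q
        "expected_rounds_to_diagnosis": 1.0 / q,
    }


def simulate_rounds_to_diagnosis(p, diagnosers, trials=2000, seed=1):
    """Monte Carlo check of the geometric formula: mean number of rounds
    until at least one diagnoser's run triggers the bug."""
    rng = random.Random(seed)
    total = 0
    for _ in range(trials):
        rounds = 0
        while True:
            rounds += 1
            if any(rng.random() < p for _ in range(diagnosers)):
                break
        total += rounds
    return total / trials


if __name__ == "__main__":
    a = per_round(P_BUG, USERS, DEV_TEAM, open_source=True)
    b = per_round(P_BUG, USERS, DEV_TEAM, open_source=False)
    for name, r in (("Software A (OSS)", a), ("Software B (closed)", b)):
        print(f"{name}: P(observed/round)={r['observed']:.4f} "
              f"P(diagnosed/round)={r['diagnosed']:.4f} "
              f"expected rounds to diagnosis="
              f"{r['expected_rounds_to_diagnosis']:.2f}")
    print("simulated rounds to diagnosis for B:",
          simulate_rounds_to_diagnosis(P_BUG, DEV_TEAM))
```

With these numbers both programs are almost certain to have the bug observed by someone in the first round, but Software B's bug is diagnosable only by its five developers, who between them have a 1 - 0.9^5 ≈ 41% chance per round of hitting it themselves, so on average it takes about 2.4 rounds of in-house use (or a user report that reaches them) before anyone who can fix it has seen it.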