Collaborate Disseminate
As we look into the new year, we see three trends emerging for the new year for application security. DevOps/DevSecOps drive fuzzing mainstream. The 2020 Standard C++ Foundation annual survey showed that 37% of developers are now using fuzzing in conce… Continue reading 3 AppSec Predictions For 2021
Irrespective of what industry you’re in and where you’re located in this world, 2020 has been an eventful year. Ranging from the state of global health to national politics to social justice, the challenges we continue to face have rested heavy on our … Continue reading A Holiday Message
Remember trigonometry, where you were given the length of two sides of a triangle and had to compute the third side? We remembered vaguely SOH CAH TOA, but not much more. One thing we would have bet $50 on: That there wouldn’t be a buffer overflow… Continue reading CVE-2020-10029: Buffer overflow in GNU libc trigonometry functions?!?
Leaders proactively mitigate risk. One large risk they can mitigate is being blindsided by an unknown software vulnerability. Attackers who find an unknown vulnerability potentially can exploit all of an agency’s systems. When agency IT team… Continue reading Why fuzzing is your friend for DevSecOps
The 1980’s film “Wargames” asked a computer to learn whether global thermonuclear war made sense. In the film, thermonuclear war didn’t make sense but what if, in real life, preemptive cyberattacks were our best hope for wi… Continue reading Game Theory: Why System Security Is Like Poker, Not Chess
In 2016, Mayhem — then still a research prototype — showed that fully autonomous cybersecurity was possible. This was just the first step.
The post Mayhem Moves to Production with the Department of Defense appeared first on Security Boulevard.
Continue reading Mayhem Moves to Production with the Department of Defense
COVID-19 is a global pandemic that affects everyone. We all need to work together, and I wanted to share with you some of the things ForAllSecure is doing.
The post ForAllSecure’s Response to COVID-19 appeared first on Security Boulevard.
Continue reading ForAllSecure’s Response to COVID-19
How many potholes did you encounter on your way into work today? How many of them did you report to the city?
The post Autonomy and the Death of CVEs? IS the Manual Process of Reporting Bugs Holding Back the Advent of Automated Tools? appeared fir… Continue reading Autonomy and the Death of CVEs? IS the Manual Process of Reporting Bugs Holding Back the Advent of Automated Tools?
Tell me if you’ve heard this: there is a new advanced network intrusion device that uses modern, super-smart Machine Learning (ML) to root out known and unknown intrusions. The IDS device is so smart, it learns what’s normal on your ne… Continue reading Why I’m not Sold on Machine Learning in Autonomous Security: Some Hard Realities on the Limitations of Machine Learning in Autonomous netsec