The last 2 years have seen greater advances in automated security testing than the 10 before it. AFL engineered known best practices into an easy-to-use tool, the DARPA Cyber Grand Challenge provided a reliable competitive benchmark and funding for new research, and Project Springfield (aka SAGE) is now available to the public. The common availability of these new technologies has the potential for massive impact on our industry.
How do these tools work and what sets them apart from past approaches? Where do they excel and what are their limitations? How can I use these tools today? How will these technologies advance and what further developed is needed? And finally, how much longer do humans have as part of the secure development lifecycle?
Resources
Presented at
- BSidesLisbon, November 2016
- IT Defense, February 2017
- Mandarin Appreciation Society, February 2017
More info
Team
- Dan Guido with help from Artem Dinaburg, Ryan Stortz, and Peter Goodman