Abstract
Cyberdyne is a distributed system that discovers vulnerabilities in third-party, off-the-shelf binary programs. It competed in all rounds of DARPA’s Cyber Grand Challenge (CGC). In the qualifying event, Cyberdyne was the second most effective bug-finding system. In the final event, it was the bug-finding arm of the fourth-place team. Since then, Cyberdyne has been successfully applied during commercial code audits. The first half of this article describes the evolution and implementation of Cyberdyne and its bug-finding tools. The second half of the article looks at what it took to have Cyberdyne audit real applications and how we performed the first paid automated security audit for the Mozilla Secure Open Source Fund. We conclude with a discussion about the future of automated security audits.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.