$2m DARPA Award Sparks Mayhem Testing, ForAllSecure
Secure software depends on people finding vulnerabilities and deploying fixes before they are exploited in the wild. This has lead to a world of security researchers and bug bounties directed at finding new vulnerabilities.
As dedicated as security researchers are, there is a vast ocean of software in existence, waiting for someone to find and exploit the next security vulnerability for profit or nefarious uses. With autonomous vehicles on the horizon, is there an autonomous solution to finding and fixing software vulnerabilities?
Enter DARPA Cyber Grand Challenge winner “Mayhem”, created by a team of researchers from Carnegie Mellon University who spun out security startup ForAllSecure. And they have a BHAG (Big Hairy Audacious Goal). "Our vision is to check the world’s software for exploitable bugs so they can be fixed before attackers use them to hack computers”. Mayhem has moved on from capture the flag contests to observing and finding vulnerabilities in DoD software and is working its way to corporate systems.
In this episode of DevOps Chats we talk with David Brumley, ForAllSecure co-founder and CEO, and CMU professor about the technology behind Mayhem, how it observes software as it executes, and injects changes to effect and observe new and potentially exploitable behaviors. More information about Mayhem is also available at www.forallsecure.com.
Om Podcasten
"DevOps Chats" by Techstrong Group, the force behind industry-leading platforms like DevOps.com, Cloud Native Now, Security Boulevard, Techstrong.ai, DigitalCxO, and Techstrong.TV, is your premier destination for all things DevOps. Hosted by industry veterans Alan Shimel and Mitchell Ashley, this podcast series delves deep into the world of DevOps, bringing you the latest trends, innovative strategies, and insightful discussions that matter.
Each episode of "DevOps Chat" is a journey through the evolving landscape of DevOps, featuring interviews with thought leaders, practitioners, and change-makers who are shaping the future of technology. Whether you're a developer, operations professional, IT leader, or tech enthusiast, Alan and Mitchell ensure you stay informed, engaged, and ahead of the curve.
From continuous integration and delivery to cloud-native development and cybersecurity, "DevOps Chat" covers the spectrum, offering valuable lessons, expert advice, and engaging stories. Tune in to explore how DevOps principles and practices are transforming the tech industry, driving efficiency, enhancing security, and fostering innovation.
Join us at "DevOps Chat" for your regular dose of DevOps insights, inspiration, and community. It's not just a podcast; it's your gateway to the forefront of the DevOps movement. Subscribe now and be part of the conversation that's setting the pace for the future of technology.