Mayhem, The Vulnerability-Finding & Fixing Supercomputer
Quote: Mayhem is a water-cooled supercomputer, of sorts, capable of finding, validating, and patching security vulnerabilities in code. While this method isn’t altogether new, what is new is how Mayhem will actually exploit the vulnerability first, obtaining proof of vulnerability (anything that would lead to elevated privileges or root access), rather than just flagging what may be a false positive. This is akin to the type of code a black-hat hacker might use to gain access.

One of Mayhem’s first tests came by setting it loose on every program in the Debian Linux distribution, where it found 14,000 unique vulnerabilities -- 250 of which were new, never before discovered.
After winning the competition, David Brumley (cofounder and CEO of ForAllSecure) stated that ForAllSecure would sell Mayhem’s services to early adopters like the U.S. Government. Additionally, Brumley stated that Mayhem will work alongside humans for now, but he believes that in the future, machines will handle the job solo.
