The Scalability of Vulnerability Analysis
MetadataShow full item record
Analyzing software for vulnerabilities is an important capability in ensuring the security of a computing system. As software has become more complex and ubiquitous, however, traditional vulnerability analysis techniques have failed to scale with the software. This talk will look through some of the history of vulnerability analysis, starting with manual analysis and simple fuzzing, and will move into modern intelligent fuzzing and symbolic execution. Trade-offs between analysis effectiveness and scalability will be discussed throughout, and the talk will conclude by looking at the potential future of hybrid human-computer vulnerability analysis.