Introduction to Fuzzing Software

ITEA members will receive credit towards CPE’s. If you are currently not a member the cost to attend is $25. Please call 951-219-4817 to register if you are not a member. If you would like to become one, please visit our online store. 

Abstract:

Do you love manually performing security and functional tests? If so, this lunch and learn is not for you.

The world is facing a software security crisis.  We’re shipping code faster than ever, and we know attackers routinely use exploits for software vulnerabilities to break into critical systems.  Today 87% of organizations say they cannot automate security and assurance testing. The result: a permanent offense advantage.

You can build an autopilot for appsec, but it won’t be using the tech you currently use. In 2016, DARPA conducted a $60 million dollar research study to determine whether an autopilot for software assurance was possible.  One surprising conclusion: none of the competitive entries used traditional industry tools like SAST (Static Application Security Testing) or SBOM (software bill of materials) tools. Instead, every competitive entry realized that fuzzing must be the foundation.

This lunch and learn will focus on fuzzing, and how to build an autonomous software security and assurance pipeline. We will give a high-level overview of what it takes to set one up and get software into the pipeline, as well as the benefits once completed. We’ll also discuss emerging industry standards that are satisfied or required by fuzzing, including Aerospace, Automotive, NIST, the Missile Defense Agency, and even Roblox games.

David Brumley, Ph.D
CEO,
ForAllSecure

Register Now! (Members Only)

Did you miss our previous Lunch & Learns? Members can still view the recording under Education> Recorded webinars.

Become a member now to access these recordings.

For a complete list of ALL upcoming Lunch & Learns as well as events visit our Event Calendar.