By clicking “Accept”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
David Brumley, CEO of ForAllSecure, reflects on the current vulnerability disclosure process and assesses what must change in order to accommodate the rapid speed and scale at which new vulnerabilities are being discovered.
Mel Llaguno, ForAllSecure's Commercial Solutions Lead, introduces readers to a next-generation fuzz testing technique that combines two proven and accepted Application Security Testing techniques: guided fuzzing and symbolic execution.
Analyzing MATIO And stb_vorbis Libraries With Mayhem
Maxwell Koo, ForAllSecure Engineer, documents how he uncovered 8 previously unknown vulnerabilities after analyzing two open source libraries -- Matio and stb_vorbis -- utilizing Mayhem, a next-generation fuzzer.
Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec
Paul Roberts, editor-in-chief at Security Ledger, sits down with David Brumley, CEO of ForAllSecure and Computer Science Professor at CMU, to discuss the potential of AI, machine learning, and automation in application security. They discuss what's possible today and may be possible in the future.
Why I'm Not Sold On Machine Learning In Autonomous Security: Some Hard Realities On The Limitations Of Machine Learning In Autonomous NetSec
Incorporating machine learning into your autonomous netsec strategy? Think again. ForAllSecure CEO David Brumley shares the realities and limitations of ML for autonomous security, as well as the criteria to keep in mind for implementing autonomous security into your organization.
Beginning Fuzz Cycle Automation: Improving Testing And Fuzz Development With Coverage Analysis
Learn how developers can introduce automated fuzz testing into their workflow with a fuzzing harness and open source tools to easily consume fuzzing results.
New To Autonomous Security? The Components, The Reality, And What You Can Do Today
Ready for autonomous application security? Here's the reality of the landscape, the 4 key components to implementing autonomous security, and what you can do today.
Key Takeaways From ForAllSecure's, “Achieving Development Speed And Code Quality With Behavior Testing” Webinar
Security and speed are often perceived to be mutually exclusive. ForAllSecure posits that they don’t have to be. In this webinar, Brumley unveils a next-generation dynamic testing technique that security teams trust and developers love.