rmstein@ieee.org
Date: Tue, 5 Feb 2019 13:20:41 +0800
https://spectrum.ieee.org/computing/software/mayhem-the-machine-that-finds-software-vulnerabilities-then-patches-them
High-speed "find and fix" capability for unpatched, exploitable vulnerabilities -- artificial White-Hats in a box.
I wonder how well this capability performs against a Stuxnet or the TAO toolkit?
Risk: Automated software security vulnerability detection and patching reduces vigilance, builds complacency, and compromises organizational resilience.
Note: "Mayhem" was a malware strain that exploited bash(1) vulnerabilities
(RISKS-28.31).