Dailydave mailing list archives
STONESOUP
From: dave <dave () immunityinc com>
Date: Tue, 25 Aug 2009 17:46:28 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 C.F.: http://www.iarpa.gov/solicitations_stonesoup.html To summarize the link above: """ The goal of the STONESOUP program is to develop and demonstrate technology to advance automated techniques for software analysis, to combine them with methods for confining software execution so that known weaknesses cannot be exploited, and to diversify software components so that residual vulnerabilities will be more difficult for attackers to discover or exploit. Tools that can operate on programs written in common, type-safe languages such as Java or C#, in flexible but harder-to-analyze languages such as C or C++, as well as programs only available in binary format are all of interest to the program. """ Lately I've noticed a trend towards finding a way to force offensive tools to become defensive tools. I think STONESOUP is one example of this. Assuming it's not just a cover for "We want to find better bugs in binaries" then STONESOUP is trying to take the unsolvable Google Native Client problem and adding the very hard binary analysis problem. But it is useful to learn how many teams there are with their own amazing static analysis tools and fantastic containment systems. :> Everyone go home! Problem solved! :> - -dave And now, a word from our sponsor that you should read and then respond to! :> _____________________________________________________________________ Immunity Inc. is offering the below special deal for the upcoming Hacker Halted Conference in Miami, FL. To get the special discounted rate you will need to email admin () immunityinc com for the promo code to be used at time of registration online. 1. Special rate of just $999 (Normal is $1299) 2. Full Access to ALL open sessions of the conference from Sep 23 - 25, 2009 3. All lunches and coffee breaks provided for (Sep 23 - 25, 2009) 4. Attend a choice one of the 3 following one-day training on Sep 25, 2009, covering the following topics: a) Identifying Threats and Deploying Countermeasures b) Incident Response: Principles of Incident Handling c) Virtualization Security: Threats Exposed *These workshops are led by EC-Council Master Instructors and are worth $599! 5. Free EC-Council Certification Training Courseware and Exam Voucher! Choose one of the following: a. EC-Council Certified Secure Programmer (ECSP) Read HERE <http://www.eccouncil.org/ECSP.htm> b. EC-Council Certified VoIP Professional (ECVP) Read HERE <http://www.eccouncil.org/ECVP.htm> c. EC-Council Disaster Recovery Professionals (EDRP) Read HERE <http://www.eccouncil.org/edrp.htm> *These official electronic courseware and Prometric Prime Vouchers are worth a combined of $900! ($650 + $250) *Redeemable from Nov 1, 2009. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkqUW7QACgkQtehAhL0gheqouQCeJCHg7BS4janTGhC/kfWg9DFm 1LEAmwTwBAz+LbZExm4SCTSui3TgEC5J =15wB -----END PGP SIGNATURE----- _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- STONESOUP dave (Aug 25)