Explore a conference talk from the Linux Foundation's LSS NA 2022 event focusing on Code Aware Services (CAS) for vulnerability detection in complex software systems. Dive into the challenges of ensuring reliability and security in modern software products with multiple configurations and custom build steps. Learn about CAS, a set of tools developed for Android Linux kernel that extracts information from build processes and source code. Discover the components of CAS, including a low-overhead build tracer kernel module and a clang-based source code processor. Examine real-world applications of CAS, such as web-based security code review systems, structure-aware fuzzing of kernel components, and automated generation of off-target fuzzing harness code. Gain insights into potential future directions for using CAS in general source code operations, including smart indexing.
Code Aware Services for Vulnerability Detection - Welcome Back and Remarks
Overview
Syllabus
Welcome Back & Remarks & Code Aware Services in the Service of Vulnerability Detection
Taught by
Linux Foundation
Tags
Related Courses
-
DevSecOps Fundamentals
-
Security Posture Assessment and Improvements for Open Source Projects
-
Bugs Ruin Everything - Keynote on Vulnerability Analysis and Exploitation
-
Making Fuzzing Part of Your Software Development Lifecycle
-
Zero-Configuration Runtime Software Component Detection
-
Matching CVEs and Source Code for Vulnerability Detection
