By adding your email address, you are subscribing to the Team Orlando News newsletter. Team Orlando News does not share subscriber data under any circumstance. You can unsubscribe at anytime.
DARPA Seeks a New Gold Standard in Cybersecurity
TOPICS & CATEGORIES
INGOTS aims to speed up identification and remediation of vulnerabilities using near-full automation
It’s no secret that developers and cyberspace defenders must accurately understand risks within software and hardware to maintain a robust security posture. Today, sophisticated cyberattacks link multiple vulnerabilities to bypass security measures and compromise critical, high-value devices. Yet, often critical vulnerabilities go unfixed as resources are allocated to less significant issues.
That is because today’s metrics fail to capture numerous nuanced factors that differentiate a harmless software flaw from a potent vulnerability. Without accurate methods to measure the exploitability of a particular vulnerability, developers and defenders must rely on empirical evidence to assess its severity and prioritize it for remediation. Such evidence requires time and costly resources and is often insufficient or incomplete, especially for vulnerabilities within complex systems.
DARPA’s Intelligent Generation of Tools for Security (INGOTS) program aims to identify and fix high-severity, chainable vulnerabilities before attackers can exploit them. INGOTS will pioneer new techniques driven by program analysis and artificial intelligence to measure vulnerabilities within modern, complex systems, such as web browsers and mobile operating systems.
“In an attack paradigm where exploitability depends on the emergent behavior of vulnerability combination, risk depends on understanding the complex relationships between neighboring vulnerabilities,” said Perri Adams, INGOTS program manager in DARPA’s Information Innovation Office. “Rather than develop a fully automatic process, we want to create a computer-human pipeline that seamlessly allows human intervention in order to fix high-severity vulnerabilities before an attack.”
Successful INGOTS research will improve software and hardware resiliency of pervasive commercial devices by rapidly identifying and prioritizing their most dangerous flaws.
INGOTS is a three-year program with two phases. Phase 1 will focus on exploring, designing, developing, and demonstrating tools and techniques. Phase 2 will focus on maturing and refining these tools and techniques and expanding their coverage across vulnerability and exploitation classes. Each phase will have intermediate meetings, hackathons, and demonstrations and will end with an evaluation in collaboration with government partners.
Team Orlando News offers two options of event listings:
A complimentary event listing includes the name and date of your event, as well as a link to your event’s website. Event listings must be approved by Team Orlando News staff and are then posted on the Event page; these listings appear in date order.
A signature event listing is featured on the Events page and includes all of the above, plus a description (up to 400 characters), entry fee, where the event is located and one featured image/photo. The cost per signature listing is $150.