Cyber UL nonprofit uses binaries to assess software quality

News by Jeremy Seth Davis

Security researcher Peiter Zatko, better known in the industry by his hacker moniker "Mudge," will unveil details of a cybersecurity "underwriters' laboratory" project that he announced last year on Twitter.

Cyber-security researcher Peiter Zatko, better known in the industry by his hacker moniker “Mudge,” will discuss details of the Cyber Independent Testing Laboratory (CITL) project at the Black Hat conference in Las Vegas next week. 

CITL analyses binaries to assess “the software quality and inherent vulnerability in over 100,000 binary applications on Windows, Linux, and OS X," according to a presentation description on the Black Hat website. The project codified the “heuristics that attackers use to identify which targets are hard or soft against new exploitation”.

Zatko has been working on the CITL since leaving Google last year. When asked by a White House contact to establish a government programme to evaluate software, according to a report in The Intercept, he instead raised $600,000 in funding from DARPA, the Ford Foundation and Consumers Union, then launched CITL as a nonprofit with his wife, Sarah Zatko.

Topics:

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events