User:Tqbf/Vulnerability Research
In computer science, vulnerability research refers to...
Concepts
Vulnerabilities
- A vulnerability is an exploitable flaw in a system
- Vulnerabilities occur in hardware, software, and firmware
- Vulnerabilities have different impacts; the CIA triad and the AAA protocol are two metrics
- The canonical vulnerabilities are remote code execution, SQL injection, and XSS.
Finding vulnerabilities
Penetration testing
Source code review
Reverse engineering
Fuzzing
Advisories
Industry adoption
In-house vulnerability research
- Microsoft
- Cisco
Vulnerability research at security vendors
- ISS/IBM
- MCAF
Industry venues
- Black Hat
- Uninformed
- WOOT
- CERT
- Bugtraq
Societal impact
- Voting
- DRM
Parallels in antivirus
- Writing virus signatures is not the same thing as VR.
Parallels in cryptography
- Cryptanalysis is most of cryptography.
Controversy
Full Disclosure
Vulnerability markets
Legal issues
Web application testing
- You don't own the app, so you can get busted for finding vulns.
End-user license agreements
Nondisclosure agreements
Trade secret law
Copyright
Specific laws
- That Michigan law that bans sniffers