Sunday, March 22, 2009

Microsoft Unveils Open Source Exploit Finder

This excerpt from the Register is about an open-source security assessment tool Microsoft presented at CanSecWest:

"Microsoft on Friday released an open-source program designed to streamline the labor-intensive process of identifying security vulnerabilities in software while it's still under development. As its name suggests, !exploitable Crash Analyzer (pronounced 'bang exploitable crash analyzer') combs through bugs that cause a program to seize up, and assesses the likelihood of them being exploited by attackers. Dan Kaminsky, a well-known security expert who also provides consulting services to Microsoft, hailed the release a 'game changer' because it provides a reliable way for developers to sort through thousands of bugs to identify the several dozen that pose the greatest risk."

No comments:

Post a Comment

Thank you for keeping your comments clean and friendly. CPAUG reserves the right to remove posts at its discretion but makes no guarantee of comment moderation.

Note: Only a member of this blog may post a comment.