darpa
Our thoughts on AIxCC’s competition format
By Michael Brown Late last month, DARPA officially opened registration for their AI Cyber Challenge (AIxCC). As part of the festivities, DARPA also released some highly anticipated information about the competition: a ...
DARPA’s AI Cyber Challenge: We’re In!
We’re thrilled to announce that Trail of Bits will be competing in DARPA’s upcoming AI Cyber Challenge (AIxCC)! DARPA is challenging competitors to develop novel, fully automated AI-driven systems capable of securing ...
How CISA can improve OSS security
By Jim Miller The US government recently issued a request for information (RFI) about open-source software (OSS) security. In this blog post, we will present a summary of our response and proposed ...
White House Announces AI Cybersecurity Challenge
At Black Hat last week, the White House announced an AI Cyber Challenge. Gizmodo reports: The new AI cyber challenge (which is being abbreviated “AIxCC”) will have a number of different phases ...
DARPA AI Cyber Challenge Part of White House Plan to Harness, Secure AI
DARPA's AI Cyber Challenge encourages cybersecurity and AI pros to find ways to automatically detect and fix software flaws and protect critical infrastructure ...
AIs as Computer Hackers
Hacker “Capture the Flag” has been a mainstay at hacker gatherings since the mid-1990s. It’s like the outdoor game, but played on computer networks. Teams of hackers defend their own computers while ...
Managing risk in blockchain deployments
Do you need a blockchain? And if so, what kind? Trail of Bits has released an operational risk assessment report on blockchain technology. As more businesses consider the innovative advantages of blockchains ...
Are blockchains decentralized?
A new Trail of Bits research report examines unintended centralities in distributed ledgers Blockchains can help push the boundaries of current technology in useful ways. However, to make good risk decisions involving ...
Graphtage: A New Semantic Diffing Tool
Graphtage is a command line utility and underlying library for semantically comparing and merging tree-like structures such as JSON, JSON5, XML, HTML, YAML, and TOML files. Its name is a portmanteau of ...
Reinventing Vulnerability Disclosure using Zero-knowledge Proofs
We, along with our partner Matthew Green at Johns Hopkins University, are using zero-knowledge (ZK) proofs to establish a trusted landscape in which tech companies and vulnerability researchers can communicate reasonably with ...