t o w a r d s e a s i e r s e c u r i t y p a t c h p o r

T o w a r d s E a s i e r S e c u r i t y P a - PowerPoint PPT Presentation

Jun 22, 2023 •382 likes •522 views

T o w a r d s E a s i e r S e c u r i t y P a t c h P o r t i n g L u c i a n o B e l l o l u c i a n o @d e b i a n . o r g l u c i a n o . b e l l o @i b m . c o m J

  1. T o w a r d s E a s i e r S e c u r i t y P a t c h P o r t i n g L u c i a n o B e l l o l u c i a n o @d e b i a n . o r g l u c i a n o . b e l l o @i b m . c o m J o i n t w o r k w i t h J o e y S c h w a r z a n d J e s ú s P é r e z https://board.net/p/PatchPorting

  2. https://board.net/p/PatchPorting

  3. https://board.net/p/PatchPorting

  4. x i m e u l B S e c u r i t y T r a c k e r https://board.net/p/PatchPorting

  5. D e mo https://board.net/p/PatchPorting

  6. S t a t i s t i c s Sid Buster Stretch Jessie Wheezy 0 50 100 150 200 250 https://board.net/p/PatchPorting

  7. C u r r e n t ( - i s h ) F e a t u r e s ● B u i l d i n g a s a “ t e s t ” ● Q u i l t - r e a d y p a t c h a s a r e s u l t ● T r i e s p a t c h e s f r o m d i f e r e n t p r o v i d e r s ● M o r e f e x i b l e h e u r i s t i c s t h a n p a t c h ● V i s u a l i z e s a m b i g u i t i e s ● S p o t s t r i v i a l c a s e s e a s i l y ● E a s y c u s t o m i z a b l e r e - r u n https://board.net/p/PatchPorting

  8. G o a l T o h a v e a p l a t f o r m w h e r e s e c u r i t y p a t c h e s a r e s h a r e d a n d a u t o m a t i c a l l y p o r t e d t o d i f e r e n t v e r s i o n s , a n d m u l t i p l e s t a k e h o l d e r s c a n d e f n e t o g e t h e r w h a t i s a g o o d p a t c h a n d c o n s u m e s o l u t i o n s f r o m o t h e r s . https://board.net/p/PatchPorting

  9. R o a d ma p a n d P l a n s ● I m p r o v e p e r f o r m a n c e ● I n t e g r a t i o n w i t h t h e t r a c k e r ○ I f t h a t ' s o k e y w i t h y o u : ) Patch ○ A f e l d w o u l d h e l p ○ S S O f o r c u s t o m r u n s https://board.net/p/PatchPorting

  10. R o a d ma p a n d P l a n s ● B e t t e r ( a n d m o r e ) c r a w l i n g f o r p a t c h e s ( e . g . f r o m o t h e r d i s t r o s ) ● A d d P O C t e s t i n g ? ● I n t e r f a c e i m p r o v e m e n t s ● M a c h i n e l e a r n i n g ( ? ) ● A d d n e w a n d f a n c y h e u r i s t i c s https://board.net/p/PatchPorting

  11. https://board.net/p/PatchPorting

  12. u s e o f i s o mo r p h i s ms i f ( ! y ) i f ( y = = N U L L ) i f ( N U L L = = y ) https://board.net/p/PatchPorting

  13. C a l l f o r c o mme n t s a n d c o l l a b o r a t i o n ● E v e r y t h i n g i s M I T l i c e n s e d ○ P a t c h c r a w l e r : n o d e . j s ○ T h e p a t c h e r : p y t h o n ● A d d p a t c h e s t o t h e s e c u r i t y t r a c k e r ● C l e a r l y i d e n t i f y t h e C V E i d i n y o u r s e c u r i t y q u i l t p a t c h h e a d e r . https://board.net/p/PatchPorting

Recommend

Understanding Automatically- Generated Patches Through Symbolic Invariant Differences Padraic

Understanding Automatically- Generated Patches Through Symbolic Invariant Differences Padraic

Understanding Automatically- Generated Patches Through Symbolic Invariant Differences Padraic Cashin, Carianne Martinez, Westley Weimer, Stephanie Forrest The Problem Automated program repair may reduce software maintenance costs

86 views • 8 slides
Debugging the Performance of Mavens Test Isolation: Experience Report Pengyu Nie 1 Ahmet Celik

Debugging the Performance of Mavens Test Isolation: Experience Report Pengyu Nie 1 Ahmet Celik

Debugging the Performance of Mavens Test Isolation: Experience Report Pengyu Nie 1 Ahmet Celik 2 Matthew Coley 3 Aleksandar Milicevic 4 Jonathan Bell 3 Milos Gligoric 1 1 The University of Texas at Austin 2 Facebook, Inc. 3 George Mason

849 views • 49 slides
HTTP-PATCH for read-write linked data rurik.greenall@computas.com / @brinxmat Apart from

HTTP-PATCH for read-write linked data rurik.greenall@computas.com / @brinxmat Apart from

HTTP-PATCH for read-write linked data rurik.greenall@computas.com / @brinxmat Apart from being a person who likes using all available fonts on one slide I work as a consultant for Computas, where I specialise in semantic web and library

876 views • 51 slides
Review of Patch Reviewing Stephen Frost Crunchy Data stephen@crunchydata.com PGConf.EU 2018

Review of Patch Reviewing Stephen Frost Crunchy Data stephen@crunchydata.com PGConf.EU 2018

Review of Patch Reviewing Stephen Frost Crunchy Data stephen@crunchydata.com PGConf.EU 2018 October 24, 2018 Introduction About Patches Commitfests Reviewing a Patch Committing Patches Committers Stephen Frost Chief Technology Officer @

637 views • 25 slides
poudriere for Ports Maintenance Matthew Seaman EuroBSDCon 2019 Lillehammer Who am I?

poudriere for Ports Maintenance Matthew Seaman EuroBSDCon 2019 Lillehammer Who am I?

poudriere for Ports Maintenance Matthew Seaman EuroBSDCon 2019 Lillehammer Who am I? FreeBSD Admin since the last millennium Ports committer since 2012 pkg(8) developer (lapsed) Former core secretary Who are you? Name

792 views • 41 slides
Anti-debugging techniques Malware Analysis Seminar Meeting 3 Cody Cutler, Anton Burtsev

Anti-debugging techniques Malware Analysis Seminar Meeting 3 Cody Cutler, Anton Burtsev

Anti-debugging techniques Malware Analysis Seminar Meeting 3 Cody Cutler, Anton Burtsev Debugger detection PEB.BeingDebuggedFlag BeingDebugged flag in PEB Call kernel32!IsDebuggerPresent() call [IsDebuggerPresent] test eax,eax

1.09k views • 56 slides
IP Log for tools.ajdt Version 2.1.0, June 2010 Licenses Eclipse Public License v1.0

IP Log for tools.ajdt Version 2.1.0, June 2010 Licenses Eclipse Public License v1.0

IP Log for tools.ajdt Version 2.1.0, June 2010 Licenses Eclipse Public License v1.0 Third-Party Code CQ Third-Party Code License Use (no third-party dependencies) No pre-req dependencies Committers Past and Present Active Name

434 views • 4 slides
Measuring the impacts of the Preempt-RT patch maxime.chevallier@smile.fr October 25, 2017 RT

Measuring the impacts of the Preempt-RT patch maxime.chevallier@smile.fr October 25, 2017 RT

Measuring the impacts of the Preempt-RT patch maxime.chevallier@smile.fr October 25, 2017 RT Linux projects Simulation platform : bi-xeon, lots ot RAM 200 s wakeup latency, networking Test bench : Intel atom 1s max latency, I/O and networking

431 views • 25 slides
Tensor Networks for Medical Image Classification Presented at MIDL, 2020 Raghav endra Selvan &

Tensor Networks for Medical Image Classification Presented at MIDL, 2020 Raghav endra Selvan &

university of copenhagen Tensor Networks for Medical Image Classification Presented at MIDL, 2020 Raghav endra Selvan & Erik B. Dam Dept. of Computer Science, University of Copenhagen raghav@di.ku.dk @SuperVoxel Code:

488 views • 26 slides
Minimal Rewiring: Efficient Live Expansion for Clos Data Center Networks Shizhen Zhao 1 2 ,

Minimal Rewiring: Efficient Live Expansion for Clos Data Center Networks Shizhen Zhao 1 2 ,

Minimal Rewiring: Efficient Live Expansion for Clos Data Center Networks Shizhen Zhao 1 2 , Rui Wang 1 , Junlan Zhou 1 , Joon Ong 1 ,Jeffrey C. Mogul 1 , Amin Vahdat 1 1. Google NetInfra; 2. Shanghai Jiao Tong University 1 Clos Topology for

536 views • 26 slides
I know who you are, but you can't come in Authentication and single sign-on in the SAS platform

I know who you are, but you can't come in Authentication and single sign-on in the SAS platform

I know who you are, but you can't come in Authentication and single sign-on in the SAS platform Agenda Authentication Inbound authentication Outbound authentication Single Sign-on Definitions Stage Process Method Physical

781 views • 48 slides
Quality Assurance in PostgreSQL Anastasia Lubennikova Aleksander Alekseev Agenda

Quality Assurance in PostgreSQL Anastasia Lubennikova Aleksander Alekseev Agenda

Quality Assurance in PostgreSQL Anastasia Lubennikova Aleksander Alekseev Agenda Development Testing Benchmarking Tools Other Topics What is PostgreSQL? Open source object-relational database system

429 views • 25 slides
La Larg rge-Scal Scale Patch Patch Reco comme mmendati ation at at Alibab aba Xindong

La Larg rge-Scal Scale Patch Patch Reco comme mmendati ation at at Alibab aba Xindong

La Larg rge-Scal Scale Patch Patch Reco comme mmendati ation at at Alibab aba Xindong Zhang 1 , Chenguang Zhu 2 , Yi Li 3 , Jianmei Guo 1 , Lihua Liu 1 , and Haobo Gu 1 1. Alibaba Group 2. University of Texas at Austin 3. Nanyang

462 views • 7 slides
COMP 204 Functions II Mathieu Blanchette based on material from Yue Li and Carlos Oliver

COMP 204 Functions II Mathieu Blanchette based on material from Yue Li and Carlos Oliver

COMP 204 Functions II Mathieu Blanchette based on material from Yue Li and Carlos Oliver Gonzalez 1 / 13 Quiz 11 password 2 / 13 Example: Hydrophobic patches Protein sequences are made of amino acids. Some amino acids (G, A, V, L, I,

651 views • 13 slides
Wireless data transfer with mm-waves for future tracking detectors Daniel Pelikan Uppsala

Wireless data transfer with mm-waves for future tracking detectors Daniel Pelikan Uppsala

Wireless data transfer with mm-waves for future tracking detectors Daniel Pelikan Uppsala University 14-16 May 2014 Author(s): PELIKAN, Daniel ; BRENNER, Richard; DANCILA, Dragos; GUSTAFSSON, Leif ; BINGEFORS, Nils Uppsala

744 views • 25 slides
Auxiliary Processing swak4Foam and PyFoam Bruno Santos and Nelson Marques BlueCAPE,

Auxiliary Processing swak4Foam and PyFoam Bruno Santos and Nelson Marques BlueCAPE,

Auxiliary Processing swak4Foam and PyFoam Bruno Santos and Nelson Marques BlueCAPE, http://joomla.bluecape.com.pt/ bruno.santos@bluecape.com.pt nelson.marques@bluecape.com.pt Unin Europea FEDER 0682_CLOUDPYME2_1_E Invertimos en su

540 views • 50 slides
General-Purpose Image Forensics Using Patch Likelihood under Image Statistical Models The 7th

General-Purpose Image Forensics Using Patch Likelihood under Image Statistical Models The 7th

General-Purpose Image Forensics Using Patch Likelihood under Image Statistical Models The 7th IEEE International Workshop on Information Forensics and Security Wei Fan, Kai Wang, and Franc ois Cayre GIPSA-lab, Grenoble, France 18-11-2015

513 views • 19 slides
August 4, 1997: Skynet goes online August 29, 1997, 2:14am ET: Skynet gains consciousness

August 4, 1997: Skynet goes online August 29, 1997, 2:14am ET: Skynet gains consciousness

August 4, 1997: Skynet goes online August 29, 1997, 2:14am ET: Skynet gains consciousness August 29, 1997: Judgement Day Terminator (1984) What features does T-800 have? What features does T-800 have? Vision/Perception

674 views • 56 slides
Neural Cleanse: Identifying and Mitigating Backdoor Attacks in Neural Networks Bolun Wang*,

Neural Cleanse: Identifying and Mitigating Backdoor Attacks in Neural Networks Bolun Wang*,

Neural Cleanse: Identifying and Mitigating Backdoor Attacks in Neural Networks Bolun Wang*, Yuanshun Yao, Shawn Shan, Huiying Li, Bimal Viswanath , Haitao Zheng, Ben Y. Zhao University of Chicago, *UC Santa Barbara, Virginia Tech

771 views • 17 slides
XenRT XenSource XenSources Xen testing infrastructure Xen testing infrastructure James

XenRT XenSource XenSources Xen testing infrastructure Xen testing infrastructure James

Infrastructure Technology Product of the Year XenRT XenSource XenSources Xen testing infrastructure Xen testing infrastructure James Bulpin, XenSource Inc. james@xensource.com Xen Summit 8/Sep/2006 www.xensource.com What i is XenRT?

665 views • 31 slides
Automated Repair of Layout Cross Browser Issues Using Search-Based Techniques Sonal Mahajan * ,

Automated Repair of Layout Cross Browser Issues Using Search-Based Techniques Sonal Mahajan * ,

Automated Repair of Layout Cross Browser Issues Using Search-Based Techniques Sonal Mahajan * , Abdulmajeed Alameer * , Phil McMinn + , William G. J. Halfond * * University of Southern California, USA + University of Sheffield, UK Work supported

989 views • 62 slides
Art Build: Unit Tests and CMake Tools Ben Morgan LBNE Code LArSoft LArCore LArFoo LArBar ...

Art Build: Unit Tests and CMake Tools Ben Morgan LBNE Code LArSoft LArCore LArFoo LArBar ...

Art Build: Unit Tests and CMake Tools Ben Morgan LBNE Code LArSoft LArCore LArFoo LArBar ... FNAL SDK : art + (fhicl, ..., cpp0x) FNAL UPS : ups, gcc, ROOT, etc Linux/BSD OS LBNE Software Stack Working on FNAL SDK, Patrick on LArSoft

445 views • 17 slides
Impacting Kids Who are Angry, Withdrawn, or Superficial Every kid needs someone to run to

Impacting Kids Who are Angry, Withdrawn, or Superficial Every kid needs someone to run to

NW Ministries Conference 2019 Impacting Kids Who are Angry, Withdrawn, or Superficial Every kid needs someone to run to that wont run away Me Romans 12:2 (NIV) 2 Do not conform to the pattern of this world, but be transformed by the

446 views • 28 slides
Plunder Pillage & Print THE ART OF LEVERAGING MULTIFUNCTION PRINTERS

Plunder Pillage & Print THE ART OF LEVERAGING MULTIFUNCTION PRINTERS

Plunder Pillage & Print THE ART OF LEVERAGING MULTIFUNCTION PRINTERS DURING PENETRATION TESTING Deral Heiland Pete Arzamendi deral_heiland@rapid7.com peter_arzamendi@rapid7.com @Percent_x @TheBokojan

750 views • 64 slides

More recommend