Abhishek Arya

Information Security Engineer, Google

Shubham Bansal

Paper Title

Analyzing Chrome crash reports at scale

Abstract

Clusterfuzz is Chrome's open source distributed fuzzer that finds security bugs in real time (all with reproducible test cases!). In this talk, I'll provide an overview of how Clusterfuzz uses 3000+ cores to fuzz Chrome across various platforms and find exploitable crashes before the black hats do. The talk will provide detailed statistics of the types of bugs found in Chrome and provide an insight into the trials and tribulations of distributed fuzzing, including how you can run your own fuzzers on our infrastructure and earn Chrome bounties for bugs your fuzzer finds! w00t!

Speaker Bio

Abhishek is the father of ClusterFuzz: Chrome's open source fuzzing framework. When he's not busy fuzzing the planet, he is the Technical Lead of the Chrome Security team's Bugs-- effort.

Copyright © 2019-20 | Nullcon India | International Security Conference | All Rights Reserved