- About Goa'15
- Schedule
- Venue
- Speakers
- Training
- CFP
- Recreation
- Blackshield Awards
- CTF
- Sponsors
- Exhibition
- Job Fair
- CXO Track
- Bugbash
- Goa'15
- About Speakers
- Abhishek Arya
Paper Title
Analyzing Chrome crash reports at scale
Abstract
Clusterfuzz is Chrome's open source distributed fuzzer that finds security bugs in real time (all with reproducible test cases!). In this talk, I'll provide an overview of how Clusterfuzz uses 3000+ cores to fuzz Chrome across various platforms and find exploitable crashes before the black hats do. The talk will provide detailed statistics of the types of bugs found in Chrome and provide an insight into the trials and tribulations of distributed fuzzing, including how you can run your own fuzzers on our infrastructure and earn Chrome bounties for bugs your fuzzer finds! w00t!
Speaker Bio
Abhishek is the father of ClusterFuzz: Chrome's open source fuzzing framework. When he's not busy fuzzing the planet, he is the Technical Lead of the Chrome Security team's Bugs-- effort.