Fahrenheit WAF Langsec Research: Part 4 – Detection Ceiling

By |August 17th, 2016|Fahrenheit|

Calculated Impact of Langsec Design Flaws on Detection Success   Part 3, explained why current WAF design flaws impact their ability to detect Web application attacks, using Chomsky Language Hierarchy and Formal Language Theory. Langsec informs us that current WAF design using signatures, will miss attacks. Mathematically speaking, all signature-based technologies such as scanning, WAF, ids/ips and

Fahrenheit WAF Langsec Research: Part 3

By |August 15th, 2016|Fahrenheit|

Formal Language Theory and Chomsky Language Hierarchy Part 2  presented that Langsec gives us an understanding of the design limitation of current WAFs, and all signature based detection, such as AV. In langsec, decidability matters. In order to have proper attack detection, and therefore security, one needs decidability. The notion of context in language recognition is

Fahrenheit WAF Langsec Research: Part 2

By |August 14th, 2016|Fahrenheit|

Langsec: Background Concepts   Trustifier research looks at the scientific reasons behind why current automatic cyber-defense systems are failing. What do the fundamental principles of computer science say about detecting cyber attacks, or limitations of current approaches? Langsec helps us to understand this. Warning: computing science concepts ahead I jokingly refer to this content as, "All of the

Trustifier Fahrenheit Langsec Research-Intro

By |August 9th, 2016|Fahrenheit|

Trustifier Labs Fahrenheit Langsec-based research efforts considered inherent design flaws in current WAFs as part of a broader research purpose. This research examined the scientific reasons behind why current automatic cyber-defense systems are failing. What do the fundamental principles of computer science say about detecting cyber attacks, or limitations of current approaches? Does understanding these limitations also open

Security D’oh-No!: Hackathons & Cyber Skills-Really?

By |August 4th, 2016|KSE, TUX GUI|

A recent article, "White House: Cyber Competitions Could Solve Skills Shortage", reminds that the cyber skills gap and the never-ending search for talent is likely going to be an on-going discussion point for some time. The piece informs us that, "The Office of Science and Technology Policy hosted a workshop aimed at encouraging volunteers and organizers to