Description

Vulnerability reachability analysis plays a critical role in assessing the real-world impact of identified software vulnerabilities. It bridges the gap between discovering a potential weakness and understanding its exploitability within a given program. Using static and dynamic program analysis, this process determines whether a vulnerability can be reached and exploited under realistic conditions, providing insights into the prerequisites and constraints an attacker must overcome. By identifying reachable vulnerabilities, developers and security teams can prioritize mitigation efforts based on the actual risk posed, focusing on those weaknesses that represent a feasible threat. Furthermore, reachability analysis estimates the complexity of exploitation, including the required input conditions, execution paths, and resource constraints, which indicates the level of expertise or resources an attacker would need. This nuanced understanding transforms vulnerability management from reactive patching to a strategic approach that aligns resources with the most critical threats, enhancing overall software security and resilience.

Solutions

  • CodeHawk: Analysis and Patching Platform
  • DIODE: Input Synthesis Engine

Projects

DroidSafe

Best-in-class static analysis to vet untrusted Android mobile applications.

PI: Michael Gordon

Technical Areas: Static Analysis, Vulnerability Discovery, Vulnerability Reachability

DRIFT

Enhancing SBOMs to solve vulnerability discovery, reachability and remediation.

PI: Michael Gordon

Technical Areas: Static Analysis, Dynamic Analysis, Binary Patching, Supply Chain Security, Vulnerability Remediation, Vulnerability Reachability

Aria

Transforming AppSec with in-application, zero-trust privileges and secure computation offloading.

PI: Ricardo Baratto

Technical Areas: Runtime Protection, Supply Chain Security, Vulnerability Discovery, Vulnerability Remediation, Vulnerability Reachability

Papers