Join hosts Joel Moses, Oscar Spencer, and Matt Yacobucci as they dive deep into the world of formal verification with special guest Chris Fallin. In this episode of WebAssembly Unleashed, the team discusses the importance of formal verification in software development, particularly for WebAssembly. Chris, a co-author of the Cranelift compiler and Mozilla alum, explains the concept of formal verification, its significance, and how it can be applied to ensure software correctness and security. The conversation covers a range of topics including type safety, the use of SMT solvers, the challenges in formally verifying compilers, and the potential role of AI in generating formally verified code. Don't miss this insightful discussion if you're keen to learn about cutting-edge techniques to make software more reliable and secure.
00:00 Welcome to WebAssembly Unleashed
00:57 Community Updates
01:41 Guest Introduction: Chris Fallin
02:18 What is formal verification and why is it important?
03:10 Formal Verification in WebAssembly
06:28 Challenges and Real-World Applications
07:52 Tools and Techniques for Verification
20:22 Future Directions and Broader Implications
28:21 AI and Formal Verification
30:44 Lack of Formal Verification Consequences
Did you miss the WebAssembly Unleashed episode 16 with Bruce Gain? Check it out here: https://youtu.be/Gjd8l1Sz9qY?si=QGixwObXJgvex9DS
For more from F5's Office of the CTO visit the following sites:
Blogs - https://www.f5.com/company/octo
Reports - https://www.f5.com/services/resources/reports
Meet Your Hosts:
Joel Moses | https://www.linkedin.com/in/joelmoses/ | https://community.f5.com/users/joel_moses/398372
Oscar Spencer | https://twitter.com/oscar_spen | https://www.linkedin.com/in/oscarspen/
Matthew Yacobucci | https://www.linkedin.com/in/matthew-yacobucci-323b4b2/
All content for DevCentral is the property of F5 DevCentral Community and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
Join hosts Joel Moses, Oscar Spencer, and Matt Yacobucci as they dive deep into the world of formal verification with special guest Chris Fallin. In this episode of WebAssembly Unleashed, the team discusses the importance of formal verification in software development, particularly for WebAssembly. Chris, a co-author of the Cranelift compiler and Mozilla alum, explains the concept of formal verification, its significance, and how it can be applied to ensure software correctness and security. The conversation covers a range of topics including type safety, the use of SMT solvers, the challenges in formally verifying compilers, and the potential role of AI in generating formally verified code. Don't miss this insightful discussion if you're keen to learn about cutting-edge techniques to make software more reliable and secure.
00:00 Welcome to WebAssembly Unleashed
00:57 Community Updates
01:41 Guest Introduction: Chris Fallin
02:18 What is formal verification and why is it important?
03:10 Formal Verification in WebAssembly
06:28 Challenges and Real-World Applications
07:52 Tools and Techniques for Verification
20:22 Future Directions and Broader Implications
28:21 AI and Formal Verification
30:44 Lack of Formal Verification Consequences
Did you miss the WebAssembly Unleashed episode 16 with Bruce Gain? Check it out here: https://youtu.be/Gjd8l1Sz9qY?si=QGixwObXJgvex9DS
For more from F5's Office of the CTO visit the following sites:
Blogs - https://www.f5.com/company/octo
Reports - https://www.f5.com/services/resources/reports
Meet Your Hosts:
Joel Moses | https://www.linkedin.com/in/joelmoses/ | https://community.f5.com/users/joel_moses/398372
Oscar Spencer | https://twitter.com/oscar_spen | https://www.linkedin.com/in/oscarspen/
Matthew Yacobucci | https://www.linkedin.com/in/matthew-yacobucci-323b4b2/
Latest in AppSec: Apache Camel RCE, X DDoS, Silk Typhoon and Encryption Debates
DevCentral
33 minutes
7 months ago
Latest in AppSec: Apache Camel RCE, X DDoS, Silk Typhoon and Encryption Debates
Welcome to the latest episode of AppSec Now, a DevCentral podcast dedicated to the ever-evolving world of application security. In this episode, Chase takes the reins while Aubrey is away, joined by Malcolm Heath, a principal researcher at F5 Labs, and the illustrious MegaZone, a principal security engineer on the SIRT team.
We dive deep into the recent Apache Camel remote code execution vulnerability, discussing the initial panic and the eventual revelation that it was a medium-severity CVE with narrow impact. We also explore the ongoing debate on government backdoors in end-to-end encryption, with insights on the recent stances of Signal and Apple. Finally, we shed light on the recent DDoS attack on X (formerly Twitter), attributed to Dark Storm, and discuss the complexities of attributing such attacks. Stay informed and up-to-date with the latest trends and threats in the AppSec world!
References:
https://community.f5.com/kb/security-insights/appsec-camels-typhoons-and-backdoors/340217
00:00 Introduction
00:59 Apache Camel RCE
10:09 Silk Typhoon
16:11 Government Encryption Backdoors
25:51 X (Twitter) DDoS
30:25 VulnCon Comin' Up!
32:16 Outro
DevCentral
Join hosts Joel Moses, Oscar Spencer, and Matt Yacobucci as they dive deep into the world of formal verification with special guest Chris Fallin. In this episode of WebAssembly Unleashed, the team discusses the importance of formal verification in software development, particularly for WebAssembly. Chris, a co-author of the Cranelift compiler and Mozilla alum, explains the concept of formal verification, its significance, and how it can be applied to ensure software correctness and security. The conversation covers a range of topics including type safety, the use of SMT solvers, the challenges in formally verifying compilers, and the potential role of AI in generating formally verified code. Don't miss this insightful discussion if you're keen to learn about cutting-edge techniques to make software more reliable and secure.
00:00 Welcome to WebAssembly Unleashed
00:57 Community Updates
01:41 Guest Introduction: Chris Fallin
02:18 What is formal verification and why is it important?
03:10 Formal Verification in WebAssembly
06:28 Challenges and Real-World Applications
07:52 Tools and Techniques for Verification
20:22 Future Directions and Broader Implications
28:21 AI and Formal Verification
30:44 Lack of Formal Verification Consequences
Did you miss the WebAssembly Unleashed episode 16 with Bruce Gain? Check it out here: https://youtu.be/Gjd8l1Sz9qY?si=QGixwObXJgvex9DS
For more from F5's Office of the CTO visit the following sites:
Blogs - https://www.f5.com/company/octo
Reports - https://www.f5.com/services/resources/reports
Meet Your Hosts:
Joel Moses | https://www.linkedin.com/in/joelmoses/ | https://community.f5.com/users/joel_moses/398372
Oscar Spencer | https://twitter.com/oscar_spen | https://www.linkedin.com/in/oscarspen/
Matthew Yacobucci | https://www.linkedin.com/in/matthew-yacobucci-323b4b2/
