Abhishek Arya on Google's AI cybersecurity experiments

September 12th, 2023  |  33 mins 27 secs

google, open source software, openssf, oss-fuzz, supply chain

Episode sponsors:

• Binarly (https://binarly.io)
• FwHunt (https://fwhunt.run)

Abhishek Arya is director of engineering at Google, overseeing open source and supply chain security efforts that include OSS-Fuzz, SLSA, GUAC and OSV DB.

In this episode, Arya talks about some early success experimenting with AI and LLMs on fuzzing and vulnerability management, the industry's over-pivoting on SBOMs, regulations and liability for software vendors, and the long road ahead for securing software supply chains.