Eventbrite, and certain approved third parties, use functional, analytical and tracking cookies (or similar technologies) to understand your event preferences and provide you with a customized experience. By closing this banner or by continuing to use Eventbrite, you agree. For more information please review our cookie policy.
Invalid quantity. Please enter a quantity of 1 or more.
The quantity you chose exceeds the quantity available.
Please enter your name.
Please enter an email address.
Please enter a valid email address.
Please enter your message or comments.
Please enter the code as shown on the image.
Please select the date you would like to attend.
Please enter an email address.
Please enter a valid email address in the To: field.
Please enter a subject for your message.
Please enter a message.
You can only send this invitations to 10 email addresses at a time.
$$$$ is not a properly formatted color. Please use the format #RRGGBB for all colors.
Please limit your message to $$$$ characters. There are currently ££££.
$$$$ is not a valid email address.
Please enter a promotional code.
N/A
Sold Out
Unavailable
Please enter a password with at least 8 characters.
You have exceeded the time limit and your reservation has been released.
The purpose of this time limit is to ensure that registration is available to as many people as possible. We apologize for the inconvenience.
This option is not available anymore. Please choose a different option.
Please read and accept the waiver.
All fields marked with * are required.
Please double check your email address. The email address format does not appear valid.
Please double check your email address. Your emails do not match.
$$$$ requires a number between ££££ and §§§§
US Zipcodes need to be 5 digits.
Postal code may contain no more than 9 letter or number characters.
Please double check your website URL.
All fields marked with * are required.
Your card expiration date is in the past.
Your card CSC needs to be 4 digits.
Please confirm your order: $$$$ You have selected to Pay by Check.
Click OK to confirm your order.
Please confirm your order: $$$$ You have selected to Pay at the Door.
Click OK to confirm your order.
Please confirm your order: $$$$ You have selected to Pay upon Receiving an Invoice.
Click OK to confirm your order.
Your card CSC needs to be 3 digits.
Sofort is only available in Germany and Austria.
Boleto Bancario is only available in Brazil.
OXXO is only available in Mexico.
PagoFacil is only available in Argentina.
Rapipago is only available in Argentina.
Please enter a valid IBAN number.
You need to accept to charge your bank account.
Your billing zip code needs to be 5 digits.
Please double check your CEP info. The CEP format should be something like 12345-678.
Please double check your tax identifier.
There was a problem saving your address.
There was a problem saving your card info.
There was a problem saving your personal information.
Please select the date you would like to attend.
McAfee Secure sites help keep you safe from identity theft, card fraud, spyware, spam, viruses and online scams.
Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.
Unknown card type.
No card number provided.
card number is in invalid format.
Wrong card type or card number is invalid.
card number has an inappropriate number of digits.
Please enter numbers here.
Please enter an integer value.
Numbers must be less or equal to $$$$
All the required fields have not been filled out. Click OK to proceed without all the required information, or click Cancel to finish entering the missing data.
Job titles must be less than 50 characters.
There is currently an issue with card submission on Safari with iOS7. Please try again with a different browser or device.
Sorry, invalid event registration form.
Sorry, invalid event or database error.
Sorry, quantity must be a positive integer.
Sorry, you did not select a valid ticket.
Sorry, invalid event organizer email address.
Your order was canceled.
Thank You. Your order has been successfully completed. Your name and email address have been added to the list of event attendees.
Sorry, that option is sold out.
Sorry, that option is no longer available.
Sorry, you entered an invalid quantity. Please enter a quantity of 1 or more next to the type or types of tickets you would like to purchase.
Sorry, you did not select any tickets to purchase. Please enter a quantity of 1 or more next to the type or types of tickets you would like to purchase.
Sorry, there are no tickets left for this event.
The tickets, ticket quantity or date and time you've requested are no longer available, due to previous sales. Please choose a different date, time or number of tickets and place your order again.
Sorry, one or more of the tickets you requested are no longer available for purchase.
Sorry, you need to select the date you want to attend.
Sorry, the promotional code you entered is not valid yet.
Sorry, the promotional code you entered has expired.
Sorry, the promotional code you entered is not valid.
Your session has expired. Try ordering again.
Sorry, your requested ticket quantity exceeds the number provided by your promotional code.
Sorry, the payment type chosen is invalid for this event.
Sorry, there is only 1 ticket left for this event.
We're sorry, this invitation is invalid.
We're sorry, this invitation has already been used.
We're sorry, you already have an order being processed for this event. Please wait a few minutes and try again.
We're sorry, there is a problem with your invitation. Please try again.
Invalid quantity of tickets selected.
Invalid donation amount.
Sorry, the promotional code you entered has been claimed.
The payment was cancelled.
The payment was declined by the bank.
The payment failed.
The payment expired.
Bummer! This team is full. Please join a different team.
Sorry, the tickets you've selected are no longer available.
We couldn't process your order because you have this event open on multiple tabs in your browser. Please try again with only one browser tab open.
Based on the quantity selected we are unable to seat your group together. Please try a smaller quantity.
Your browser does not support picking your own seat. Please select a quantity and the best available seats will be assigned to you.
Sorry, we can't complete your order in preview. Please make your event live to complete your order.
Group registration has been disabled for this event.
Sorry, you cannot reserve seats when your event is in draft mode.
There was a problem submitting your order. Code 17
Sorry, the payment type chosen is invalid for this event.
Sorry, your billing address was not saved properly, please try again.
Sorry, we experienced an internal error, please try again.
The captcha you entered is invalid. Please try again.
Invalid card selected. You have been logged out.
Sorry, your team selection was not valid.
It looks like this event organizer is unable to process your order through their payment processor. Please try again later, or contact the organizer directly
Sorry, the payment type chosen is invalid for this event.
Sorry, your billing address was not saved properly, please try again.
Sorry, we experienced an internal error, please try again.
Please double check your email address. The email address format does not appear valid.
Note: Per Facebook's physical security policies, attendees will be required to sign an NDA and bring a valid ID to check in to the venue. ==================================================================
Hasnain Lakhani, an Engineering Manager on the Product Security team working on dynamic analysis tools.
Abstract: There are a lot of resources on how to build and scale a fuzzing platform. There’s less information on how to build a sustained, larger-scale effort to get a whole organization onboard. Over the last 12-18 months, we built a centralized platform that all teams at Facebook can use. We will cover the history/motivation behind this work, and some principles to take into account while doing this. There will be interesting anecdotes on the engineering side (e.g. the power of copy-pastable commands); and war stories from the organizational side (convincing developers to become fuzzing advocates). We will share some of the things that worked for us and why, so listeners can tweak them for their organizations. ------------------------------------------------------------------
Presentation 2: "Expanding the Reach of Fuzz Testing"
Caroline Lemieux, a PhD candidate at UC Berkeley, advised by Koushik Sen, focusing around improving the correctness and reliability of software systems.
Abstract: Recently coverage-guided fuzz testing has gained huge traction in industry and academia thanks to its scalability and bug-finding power. However, due to its random-mutation-based input generation technique, coverage-guided fuzzing cannot reach far beyond the syntax analysis stage of programs. In this talk, I will introduce several projects expanding the reach of fuzz testing. First, I will introduce our work allowing fuzz testers to find inputs triggering a wider variety of interesting (bad) behaviors, including performance bottlenecks, excess memory allocations, and exercising program diffs (PerfFuzz, FuzzFactory). Then, I will describe how our work on smartly controlling mutations---either by direct masking (FairFuzz) or by way of input generators (Zest)---helps fuzzers produce inputs that exercise (and expose bugs in) the core logic of the program. ------------------------------------------
Presentation 3: "Your Browser is my Fuzzer: Fuzzing Native Applications in Web Browsers"
Jonathan Metzman, works on the Chrome security team where he writes fuzzers and fuzzing infrastructure (ClusterFuzz and OSS-Fuzz).
Abstract: Through WebAssembly and Emscripten, many important native applications, like SQLite, can run in virtually all web browsers (including Chrome, Edge, Firefox, and Safari). This makes it possible to fuzz native applications in web browsers using familiar fuzzing tools such as libFuzzer and ASAN.
This talk will: - Demo in-browser fuzzing on real programs like SQLite. -- Viewers can participate by fuzzing the applications in their own browsers. - Help users fuzz their own native applications in-browser by: -- Releasing the tools needed to do so. -- Teaching them how to fuzz applications in-browser. - Explore some use cases for in-browser fuzzing. -- In particular, how it can enable the dream of crowdsourced fuzzing. - Explain how technologies that allow for in-browser fuzzing, such as WebAssembly, work. -- This will be geared towards developers familiar with fuzzing and not web programming. -- This will touch on the changes to libFuzzer that were needed to support in-browser fuzzing.
Share Fuzzing Bay Area Meetup #2
Share Tweet