
Performance Improvements - Exposing Hidden Security Fixes in Open Source

NDC Conferences via YouTube

Overview

Explore the critical security blind spot of silent patching in open-source software through this 16-minute conference talk from NDC Oslo. Learn how traditional security tools fail to detect 1 in 6 vulnerabilities that are patched without public disclosure, leaving organizations exposed to unknown risks in their software supply chains. Discover an innovative dual-LLM architecture that leverages Large Language Models to analyze public changelog data and identify hidden security vulnerabilities that bypass conventional detection methods relying on CVE or NVD databases. Witness a live demonstration showing how this AI-driven approach has uncovered hundreds of previously unknown vulnerabilities in major open-source projects, with 20% classified as critical or high severity. Examine the methodology behind this novel detection system, understand the importance of Human-in-the-Loop verification processes, and review benchmarking results comparing this approach to traditional security research methods. Gain insights into the threat landscape of silent patching, its impact on supply chain security, real-world findings from major projects, current limitations of the approach, and future improvements planned for this groundbreaking vulnerability detection system.

Syllabus

Performance improvements: exposing hidden security fixes in Open Source - Mackenzie Jackson

Taught by

NDC Conferences
