GOSB – Safer with Google: Advancing Memory Safety
Posted by Alex Rebert, Security Foundations, and Chandler Carruth, Jen Engel, Andy Qin, Core Developers Error-prone interactions between software and memory1 are widely understood to create safety issues in software. It is estimated that about 70% of severe vulnerabilities2 in memory-unsafe codebases are due to memory safety bugs. Malicious actors exploit these vulnerabilities and continue […]
GOSB – 5 new protections on Google Messages to help keep you safe
Posted by Jan Jedrzejowicz, Director of Product, Android and Business Communications; Alberto Pastor Nieto, Sr. Product Manager Google Messages and RCS Spam and Abuse; Stephan Somogyi, Product Lead, User Protection; Branden Archer, Software Engineer Every day, over a billion people use Google Messages to communicate. That’s why we’ve made security a top priority, building in […]
GOSB – Safer with Google: New intelligent, real-time protections on Android to keep you safe
Posted by Lyubov Farafonova, Product Manager and Steve Kafka, Group Product Manager, Android User safety is at the heart of everything we do at Google. Our mission to make technology helpful for everyone means building features that protect you while keeping your privacy top of mind. From Gmail’s defenses that stop more than 99.9% of […]
GOSB – Retrofitting spatial safety to hundreds of millions of lines of C++
Posted by Alex Rebert and Max Shavrick, Security Foundations, and Kinuko Yasuda, Core Developer Attackers regularly exploit spatial memory safety vulnerabilities, which occur when code accesses a memory allocation outside of its intended bounds, to compromise systems and sensitive data. These vulnerabilities represent a major security risk to users. Based on an analysis of in-the-wild […]
GOSB – Leveling Up Fuzzing: Finding more vulnerabilities with AI
Posted by Oliver Chang, Dongge Liu and Jonathan Metzman, Google Open Source Security Team Recently, OSS-Fuzz reported 26 new vulnerabilities to open source project maintainers, including one vulnerability in the critical OpenSSL library (CVE-2024-9143) that underpins much of internet infrastructure. The reports themselves aren’t unusual—we’ve reported and helped maintainers fix over 11,000 vulnerabilities in the […]
JDN – La transparence de l’IA, un enjeu stratégique pour les banques
L’intelligence artificielle (IA) transforme les processus bancaires, notamment la connaissance client (KYC) et la lutte contre le blanchiment d’argent (AML).
JDN – Le cadeau du temps : comment maximiser son quotidien avec un PC IA
Les PC IA révolutionnent la productivité : de la gestion des e-mails, aux recherches rapides, en passant par les analyses automatisées, ils optimisent les tâches, libérant ainsi du temps précieux.
JDN – La sécurité applicative comme indicateur de la performance des organisations
Freinés par des processus inefficaces, les développeurs perdent du temps sur les failles. Intégrer la sécurité dès la conception permet un code performant et innovant pour l’organisation.
