MAVIS: Machine Assisted Vulnerability Identification System

Channel:
United States SANS Cyber Defense
Subscribers:
23,700
Published on ● Video Link: https://www.youtube.com/watch?v=fc8jrWkKu5Y


Duration: 0:00
372 views
12

Code review has become what log review was a few years ago; everyone knows they should do it, everyone says they are doing something, but everybody knows they aren't doing enough. In this talk David covers the highlights of MAVIS, a new open source project that can be used to supplement or even guide code review of internal projects. MAVIS is an ML/AI based tool that can be hooked into your CI pipeline to flag code commits that deserve "special attention."

Learn more about SEC595 Applied Data Science and AI/Machine Learning for Cybersecurity Professionals: https://www.sans.org/u/1vzR

About the Speaker
David Hoelzer, a SANS Fellow and author of more than twenty days of SANS courseware, is an expert in a variety of information security fields, having served in most major roles in the IT and security industries over the past twenty-five years. Currently, David serves as the principal examiner and director of research for Enclave Forensics, a New York/Las Vegas based incident response and forensics company. He also serves as the chief information security officer for Cyber-Defense, an open-source security software solution provider.



Other Videos By SANS Cyber Defense


2025-03-12Hunt Them Where They Play
2025-03-12Ads as Intel: Exploring ADINT's Capability to Pinpoint Personal Locations
2025-03-12Crowdsourced Intelligence: The Role of the OSINT Community in Global Investigations
2025-03-12Shadow Hunting: Advanced OSINT Skills to Navigate the Breach Data Labyrinth
2025-03-11Back to Basics: Keywords and Listening in
2025-03-11Finding Threat Actor Infrastructure With SSL Certificates
2025-03-11Data Processing Cheat Codes for OSINT at Scale
2025-03-11Keynote | The Power of OSINT: Navigating the New Hybrid Cold War
2025-02-09Unlock Advanced OSINT: Inside the Revamped SEC587 Course
2024-11-04Supply Chain Security Incident Response: Strategies for Responding to Emerging Threats
2024-10-31MAVIS: Machine Assisted Vulnerability Identification System
2024-10-30Mastering the Journal
2024-10-29Hybrid Fortresses: How A Defensible Security Architecture Raises the Bar Against Modern Attacks
2024-10-28APT Takedown: The 2024 Blueprint for Cyber Victory
2024-10-25Encrypted DNS Developments
2024-10-24Edge Out Your Next BEC Adversary: Investigation and Prevention Strategies Using OSINT
2024-10-23CYA by Using CIA...Correctly for a Change
2024-10-22Stand out from the crowd! Using PowerShell to automate your daily tasks
2024-10-21The SBOM Makeover
2024-10-18Guardrails for Innovation: Navigating Security Standards in Generative AI and LLMs
2024-10-17The Python Security Pickle