The Future of Cyber-Autonomy

Website Maintenance Alert

Due to scheduled maintenance on Wednesday, October 16, from 10:30 am to 4:30 pm Pacific Daylight Time (UTC -7), parts of the USENIX website (e.g., conference registration, user account changes) may not be available. We apologize for the inconvenience.

If you are trying to register for LISA19, please complete your registration before or after this time period.

Wednesday, January 17, 2018 - 1:00 pm1:30 pm

David Brumley, CEO, ForAllSecure


We need to move to a fully autonomous world for software security. Current software security attack and defense is done by humans, at human time lines. Cyber-autonomy research and development is creating tech that makes fully autonomous cyber possible. Cyber-autonomy promises to scale better and make defense possible within machine-scale time.

In this talk, I will describe the Cyber Grand Challenge and the system Mayhem. Mayhem is a fully autonomous cyber system that can find new vulnerabilities, generate exploits, and self-heal off-the-shelf software. Mayhem is the result of 10 years of academic research and 3 years of commercial development. Mayhem competed and won a $2 million dollar prize in the US Cyber Grand Challenge competition co-hosted at DEFCON 2016. I will describe how Mayhem works, the Cyber Grand Challenge competition, and how Mayhem fared against the world's best hacking teams. I will also describe how I think Mayhem, and other autonomous systems like it, will change the security landscape in the next decade.

David Brumley, CEO ForAllSecure

David Brumley is the CEO and co-founder of ForAllSecure, a company bent on securing the world's software against exploitable bugs. David is on leave as the Director of CyLab, the Carnegie Mellon Security and Privacy Institute, and a Professor of ECE and CS at CMU. His research interests include all areas of security, with a specialization in software security. Prof. Brumley received his Ph.D. in Computer Science from Carnegie Mellon University, an M.S. in Computer Science from Stanford University, and a B.A. in Mathematics from the University of Northern Colorado. Brumley's honors include a United States Presidential Early Career Award for Scientists and Engineers (PECASE) from President Obama, a 2013 Sloan Foundation award and numerous best paper awards. Prof. Brumley is also advisor and a founding member of PPP, one of the world's most elite competitive hacking teams.

@inproceedings {208121,
author = {David Brumley},
title = {The Future of Cyber-Autonomy},
booktitle = {Enigma 2018 (Enigma 2018)},
year = {2018},
address = {Santa Clara, CA},
url = {},
publisher = {{USENIX} Association},
month = jan,

Presentation Video