occia opened a new issue, #12529: URL: https://github.com/apache/ignite/issues/12529
Hi ignite developers, We ([LeeSinLiang](https://github.com/LeeSinLiang), and [Cen Zhang](https://github.com/occia), and a lot of our team members) are Team Atlanta from Georgia Institute of Technology, winners of DARPA's AI Cyber Challenge (AIxCC). We're reaching out to propose a security assessment collaboration with your project. This effort is recommended by DARPA's initiative to apply competition technologies to real-world open source projects. #### Background We have built an AI-enhanced CRS (Cyber Reasoning System) for automatic vulnerability detection and repair. - AIxCC Competition: https://aicyberchallenge.com/ - Our Team: https://team-atlanta.github.io/ #### What we plan to provide - OSS-Fuzz Integration: - If your project isn't yet supported by [OSS-Fuzz](https://github.com/google/oss-fuzz), we'll develop compatible fuzzing harnesses to enable its integration. This can make our system applicable to your project. - Security Assessment: - We'll run assessments locally on our infrastructure (no changes/efforts from your side) to identify potential vulnerabilities and synthesize corresponding patches. - Detailed Reports: - For any findings, we'll provide reports including: 1) identified vulnerabilities and explanations, 2) the proof-of-concept (PoC) to trigger those vulnerabilities, and 3) corresponding patches. - Responsible Disclosure: - We'll follow your preferred reporting channels (private email, OSS-Fuzz bug report system, or whatever channel you prefer) and coordinate disclosure timelines with your team. Note that **all findings will be further manually validated by our researchers before reporting to ensure quality and accuracy**. #### What we need A brief acknowledgment confirming your willingness to collaborate. This will serve as approval for our assessment plans. Looking forward to your response and please let me know for any further issues/concerns! -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
