Checking the World’s Software for Exploitable Bugs

October 6, 2015

David Brumley

President & Director
Carnegie Mellon Univeristy’s CyLab


Checking the World's Software for Exploitable Bugs

To Carnegie Mellon University’s David Brumley, hacking is “not something just bad guys do.” Brumley, a professor and director of the CyLab Institute at Carnegie Mellon University will discuss the important science behind hacking at Carnegie Science Center’s next Café Scientifique on Monday, Oct. 5, from 7 – 9 pm.

Brumley and his team at Carnegie Mellon’s CyLab (cyber security lab) envision a world in which software is automatically checked for exploitable bugs, giving people the ability to trust their computers. The demand for cybersecurity professionals is growing, and Carnegie Mellon University is working to train students interested in the field.

Brumley is an associate professor who focuses on software security, with appointments in the Electrical and Computer Engineering Department and the Computer Science Department.

He is the faculty mentor for the CMU Hacking Team Plaid Parliament of Pwning (PPP), which is ranked internationally as one of the top teams in the world. Brumley’s honors include a 2010 NSF CAREER award, a 2010 United States Presidential Early Career Award for Scientists and Engineers (PECASE) from President Obama, the highest award in the U.S. for early career scientists, and a 2013 Sloan Foundation award. Brumley is the 2015 winner of the Carnegie Science Award in the University/Post-Secondary Educator category. He was lauded for recognizing the need for novel approaches to STEM education, leading him to spearhead picoCTF, a national cyber security game and contest targeted at exciting young minds about computer security.

Brumley attended the University of Northern Colorado for his bachelor’s degree in mathematics, Stanford University for his master’s degree in computer science, and, most recently, CMU for his PhD in computer science. At Stanford, he worked as a computer security officer, solving thousands of computer security incidents in a four-year span.


Recorded on Monday, October 5, 2015 at Carnegie Science Center in Pittsburgh, PA.