RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2

VFCFinder

Product
Developers: North Carolina State University (NCSU)
Date of the premiere of the system: May 2024
Branches: Information Technology,  Information Security
Technology: Application Development Tools

2024: Product Release

In early May 2024, American specialists from North Carolina State University announced the release of a specialized tool called VFCFinder to quickly make changes to open source software. This tool simplifies the deployment of security updates needed to fix vulnerabilities.

It is noted that modern open source software can contain a large number of code fragments, each of which performs a specific function. However, updating them unnecessarily can create conflicts with other software in the organization, which turns into problems in the operation of systems. The VFCFinder tool allows you to analyze open source changes and identify those fragments that have been modified to fix vulnerabilities.

Specialists from North Carolina State University announced the release of a specialized tool called VFCFinder

File:Aquote1.png
Many open source programs are not exposed to any vulnerability, and deploying unnecessary updates in itself can cause problems for programmers. Therefore, it is important to understand which updates will actually make the software safer, "says William Enck, professor of computer science at North Carolina State University.
File:Aquote2.png

It is noted that for programmers using open source libraries, it is important to understand the nature of each vulnerability, including which specific code fragments lead to the problem. The VFCFinder tool is designed to solve this problem. The tool demonstrates high efficiency: it is stated that the accuracy of determining code fragments for updating is approximately 80%. The ultimate goal of the creators of VFCFinder is to reduce the security risks associated with the widespread use of open source software. The tool is available through the GitHub web service.[1]

Notes