A World Where We Trust Hard-Won Lessons in Security Research, Technology, and People

David Brumley

33rd USENIX Security Symposium · Day 1 · USENIX Security '24

In this compelling keynote address at USENIX Security '24, David Brumley, a distinguished professor at Carnegie Mellon University and founder of ForAllSecure (creators of Mayhem), delivered a deeply personal and insightful talk on the challenges and realities of translating cutting-edge security research into practical, trustworthy software. Brumley, drawing from two decades of academic work and his journey into commercialization, highlighted the often-overlooked human and organizational factors that dictate the adoption and impact of security technologies. His central thesis revolved around the idea that creating truly trustworthy software is an achievable goal, but one that requires understanding and addressing the motivations, processes, and diverse needs of real-world developers and organizations.

AI review

Brumley's keynote delivers a brutally honest assessment of the chasm between cutting-edge security research and real-world adoption. He provides actionable lessons on how to bridge this gap by aligning solutions with developer incentives, segmenting strategies by tech stack, and prioritizing known vulnerabilities. This is a rare, high-signal talk from someone who has genuinely done the hard work.
