Offensive Cyber

Formally-verified buggy tech

You may have heard of products such as Company X has FIPS 140-3 Level 4* certification and Company Y has Common Criteria EAL-7* and you decided to pay top dollar for these solutions. It turns out that even well-vetted products such as these have been subject to remote code execution vulnerabilities.

*BTW practically 0% of organizations pay to have their products evaluated to the highest levels since they'd fail.

Clandestine backdoors

You can't stop what you can't see. Well, you can. But it's very hard. Now imagine intentional changes to well-designed and engineered solutions that enable unlocking "undocumented features". It's right there, but your $500K AI system using the latest concolic analysis and CWE scanning techniques and will still take beyond the heat death of the universe to detect it.