https://miscreants.github.io/blog.trailofbits.com/authors/trent-brunson/Recent content in Trent Brunson on The Trail of Bits BlogHugoen-usThu, 07 Aug 2025 00:00:00 -0400https://miscreants.github.io/blog.trailofbits.com/2025/08/07/aixcc-finals-tale-of-the-tape/Thu, 07 Aug 2025 00:00:00 -0400https://miscreants.github.io/blog.trailofbits.com/2025/08/07/aixcc-finals-tale-of-the-tape/While the AIxCC winner has not yet been announced, differences in the finalists’ approaches show that there are multiple viable paths forward to using AI for vulnerability detection.https://miscreants.github.io/blog.trailofbits.com/2021/11/12/how-to-choose-an-interesting-project/Fri, 12 Nov 2021 00:09:53 -0500https://miscreants.github.io/blog.trailofbits.com/2021/11/12/how-to-choose-an-interesting-project/Trent Brunson, Head of Research & Engineering Originally published on October 15, 2021 Come join our team today! Trail of Bits is hiring full-time Senior Software Engineers and Software Security Research Engineers. Over the last nine years, I’ve interviewed hundreds of applicants for research and engineering positions. One of my favorite icebreakers is, What […]https://miscreants.github.io/blog.trailofbits.com/2019/01/14/on-bounties-and-boffins/Mon, 14 Jan 2019 06:50:53 -0500https://miscreants.github.io/blog.trailofbits.com/2019/01/14/on-bounties-and-boffins/Trying to make a living as a programmer participating in bug bounties is the same as convincing yourself that you’re good enough at Texas Hold ‘Em to quit your job. There’s data to back this up in Fixing a Hole: The Labor Market for Bugs, a chapter in New Solutions for Cybersecurity, by Ryan Ellis, […]https://miscreants.github.io/blog.trailofbits.com/2018/10/05/how-to-spot-good-fuzzing-research/Fri, 05 Oct 2018 06:50:52 -0400https://miscreants.github.io/blog.trailofbits.com/2018/10/05/how-to-spot-good-fuzzing-research/Of the nearly 200 papers on software fuzzing that have been published in the last three years, most of them—even some from high-impact conferences—are academic clamor. Fuzzing research suffers from inconsistent and subjective benchmarks, which keeps this potent field in a state of arrested development. We’d like to help explain why this has happened and […]