Help Improve Security by Playing Video Games made by DARPA

DARPA Verigames

The Defense Advanced Research Projects Agency (DARPA) recently announced a new project to use video games to help test computer software for security vulnerabilities.

The military and government use a lot of Commercial Off-the-Shelf (COTS) applications, and they need to go through a formal verification process to make sure they are free of security issues.

DARPA’s Crowd Sourced Formal Verification (CSFV) has created several games to try to make the process fast, easy and fun:

“We’re seeing if we can take really hard math problems and map them onto interesting, attractive puzzle games that online players will solve for fun,” said Drew Dean, DARPA program manager. “By leveraging players’ intelligence and ingenuity on a broad scale, we hope to reduce security analysts’ workloads and fundamentally improve the availability of formal verification.”

The five games: CircuitBot, Flow Jam, Ghost Map, StormBound, Xylem are available on

I took CircuitBot for a spin and found it mildly entertaining. The game walks you through a how-to-play tutorial to get you up to speed. The tasks seem pretty scripted, but the graphics were pretty good and it did feel like you were playing a turned based builder game.


I think it is a great idea to turn mundane complicated tasks into a crowd sourced game.

Honestly my only concern about the project is how willing citizens will be to installing government code on their systems, especially with all the NSA spying that has been revealed.

GFI LANguard 2012 SR1 now Supports Mac OS

GFI has announced an update to their GFI LANguard product. GFI LANguard is a patch management, vulnerability management and network audit tool. The new features include the ability to patch Mac systemsand enhanced compliance reporting:

Mac OS patching support

GFI LanGuard now automates patching on Apple Mac OS X computers as well as Windows computers, all from the same console.

Enhanced compliance reporting

GFI LanGuard includes dedicated reports for additional compliance standards (Health Insurance Portability and Accountability Act (HIPAA), Public Services Network – Code of Connection (PSN CoCo), Sarbanes–Oxley Act (SOX), Gramm–Leach–Bliley Act (GLB/GLBA) as well as the Payment Card Industry Digital Security Standard (PCI-DSS).

More information can be found at their website.

GFI also offers a free 30 day trial.