deepbits
Deepbits logo

Jun

01

2025

Introducing Dr. Binary: Agentic Binary Analysis for Everyone

Jan

01

2025

Deepbits Secures DARPA INGOTS Contract to Advance Automated Exploit Generation for Android

Sep

01

2024

Deepbits Awarded NSF SBIR Phase I Grant for Pioneering AI-Powered Software Supply Chain Security Solution

Apr

27

2023

Deepbits Presents AI-Powered Solution for Software Supply Chain Security and Compliance at RSA CISA Booth

Apr

27

2023

Deepbits Selected as Awardee for DHS Silicon Valley Innovation Program to Enhance Software Supply Chain Security

Apr

11

2023

Deepbits Released Free GitHub Action and SBOM Badge, Enabling Automated Creation and Risk Analysis of Software Bill of Materials (SBOM)

Mar

17

2023

Deepbits Released Free Software Supply Chain Arsenal

Oct

21

2022

Riverside’s Deepbits Digs Deep to Stop Cyber Attacks

Jul

23

2021

Deepbits Won NSF SBIR Phase I Award for “Enabling Robust Binary Code AI via Novel Disassembly”

Mar

11

2020

Deepbits Won AFWERX SBIR Award for “Next Generation Threat Management Platform For USAF’s Software Assets”

Jan

01

2018

Deepbits Won NSF SBIR Phase I Award for “Building Extensible and Customizable Binary Code Analytics Engine for Malware Intelligence as a Service”

Deepbits Secures DARPA INGOTS Contract to Advance Automated Exploit Generation for Android

Share via TwitterShare via FaceBook

Deepbits Secures DARPA INGOTS Contract to Advance Automated Exploit Generation for Android

August 2025 — Deepbits Technology, together with the University of California, Riverside (UCR), has secured a DARPA INGOTS contract, aimed at advancing automated exploit generation in mobile operating systems, with a special focus on Android.

Android inherits a substantial part of its codebase from Linux and other sources, such as Qualcomm and OEMs, all known for a history of vulnerabilities. While the Android framework is primarily written in Java, it remains affected by non-memory-error vulnerabilities, such as file access vulnerabilities, which can enable exploit chaining.

Deepbits and UCR’s project will leverage their combined expertise in automated exploit generation, scalable program analysis, and AI for security to transform the traditionally manual, labor-intensive process of vulnerability evaluation and exploit development. The initiative aims to:

  • Streamline vulnerability analysis and exploit development, making the process more systematic and scalable.
  • Significantly reduce the manual effort needed to evaluate the exploitability of vulnerabilities.
  • Accelerate the timeline from vulnerability discovery to exploit proof-of-concept.

Impact:

  • Qualitative Improvements: The project will make vulnerability analysis and exploit generation more systematic, scalable, and sustainable.
  • Quantitative Improvements: It will reduce the time and resources required to identify and exploit vulnerabilities by introducing scalable, automated solutions across the pipeline.

Ultimately, this DARPA-funded effort will enable rapid and responsible generation of exploits and exploit chains, supporting security researchers in keeping pace with the continuous stream of known and newly discovered vulnerabilities affecting the Android ecosystem.