In this presentation, I’ll tell the story of our Cyber Grand Challenge adventure, explain how to automatically find and patch bugs in binary code, and discuss what’s next for our bug finding system. The story will describe how our small team of internationally distributed engineers made an automated bug finding system that placed 2nd in vulnerability discovery. I will cover both the fun parts and the necessary-but-boring parts of automated bug finding. Fun parts include combining existing fuzzing and symbolic execution tools into one coherent system, and making fuzzing fast by identifying and eliminating performance bottlenecks. The necessary-but-boring parts include automated testing, deployment, and configuration management, otherwise known as DevOps. Second, I’ll talk about how to patch bugs by translating binaries to LLVM bitcode, patching the bitcode, and re-emitting working patched binaries. I will cover different patching strategies and the requirements for each approach. I will also discuss instrumentation techniques, transformation operations, and analysis passes that are enabled by LLVM translation. Finally, I will talk about how researchers should fundamentally change the way bug finding tools are developed. Currently each tool is its own discrete island. However, there are quantifiable benefits to be gained by applying the Unix philosophy of discrete, communicating tools to the problem of bug finding.