I am Nikhil Gupta, and I am the security lead for the NVIDIA compiler org. At Nvidia, we employ the LLVM project in various parts of our compiler stack. Security is a pressing concern for us (as I’m sure it is for others) and we are therefore interested in being part of the LLVM-Security committee. I would like to nominate myself to be a participating member in the committee.
According to the information on the website, https://llvm.org/docs/Security.html, I fall under the following category: Vendor contacts
We are particularly interested in the following:
- Being aware of any security vulnerability that has been found in the compiler in a timely manner.
- Correctly reporting any vulnerabilities or other security issues we have found in the compiler stack.
- Discussing our use of static analysis / dynamic analysis / fuzzing / threat modelling with the committee and raising any concerns that have risen from said activities.
Looking forward to participating in further discussions and security sync ups with the rest of the committee