Microsoft open-sources fuzzing test framework
Microsoft is looking to help developers continuously fuzz-test code prior to release, via the open source OneFuzz framework.
Described as a self-hosted fuzzing-as-a-service platform, OneFuzz enables developer-driven fuzzing to identify software vulnerabilites during the development process. Source code for OneFuzz is due to arrive on GitHub on September 18.
Fuzz testing is about increasing the security and reliability of native code by finding costly, exploitable security flaws. Fuzz testing involves throwing random inputs at software to find instances in which unforeseen actions could cause software to fail.
from InfoWorld https://ift.tt/35LsA1D
No comments: