Microsoft open-sources fuzzing test framework

Microsoft is looking to help developers continuously fuzz-test code prior to release, via the open source OneFuzz framework.

Described as a self-hosted fuzzing-as-a-service platform, OneFuzz enables developer-driven fuzzing to identify software vulnerabilites during the development process. Source code for OneFuzz is due to arrive on GitHub on September 18.

[ Also on InfoWorld: How to improve CI/CD with shift-left testing ]

Fuzz testing is about increasing the security and reliability of native code by finding costly, exploitable security flaws. Fuzz testing involves throwing random inputs at software to find instances in which unforeseen actions could cause software to fail.

To read this article in full, please click here

from InfoWorld https://ift.tt/35LsA1D