Microsoft open-sources tool that enables continuous developer-driven fuzzing

2020-09-16 10:31

Microsoft has open-sourced OneFuzz, its own internal continuous developer-driven fuzzing platform, allowing developers around the world to receive fuzz testing results directly from their build system.

Fuzzing is an automated software testing technique that involves entering random, unexpected, malformed and/or invalid data into a computer program.

The tool is used by Microsoft's internal teams to strengthen the security development of Windows, Microsoft Edge, and other software products.

Composable fuzzing workflows: Open source allows users to onboard their own fuzzers, swap instrumentation, and manage seed inputs.

Built-in ensemble fuzzing: By default, fuzzers work as a team to share strengths, swapping inputs of interest between fuzzing technologies.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/E18njA86cao/

#developer #microsoft #opensource

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Microsoft		725	810	4730	4734	3648	13922