Security News > 2020 > September > Microsoft open-sources tool that enables continuous developer-driven fuzzing

Microsoft open-sources tool that enables continuous developer-driven fuzzing
2020-09-16 10:31

Microsoft has open-sourced OneFuzz, its own internal continuous developer-driven fuzzing platform, allowing developers around the world to receive fuzz testing results directly from their build system.

Fuzzing is an automated software testing technique that involves entering random, unexpected, malformed and/or invalid data into a computer program.

The tool is used by Microsoft's internal teams to strengthen the security development of Windows, Microsoft Edge, and other software products.

Composable fuzzing workflows: Open source allows users to onboard their own fuzzers, swap instrumentation, and manage seed inputs.

Built-in ensemble fuzzing: By default, fuzzers work as a team to share strengths, swapping inputs of interest between fuzzing technologies.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/E18njA86cao/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 480 75 2308 5127 264 7774