App-Ray

Software Fuzzing: Dynamic testing of code components

Fuzzing is a dynamic testing method used for identifying bugs and vulnerabilities in software. It is mainly used for security and stability testing of the codebase. The software under test is fed with a series of inputs, which are purposefully mutated in the testing process.

The fuzzer then gets feedback about which code was covered while each input executed. Unlike security testing with purely randomized inputs, feedback-based fuzzing explores the program state efficiently and discovers all kinds of bugs hidden deep within the code.
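How coverage feedback changes the search, shown as an added example that is not App-Ray's or its partner's code: a constructed parser hides a fault behind four nested byte checks, and the same loop is run once with a coverage-driven corpus and once with blind random inputs. The names `target`, `Crash`, `mutate`, `run` and `fuzz` are assumptions made for this illustration.

```python
import random

class Crash(Exception):
    """Stands in for a memory-safety fault in the constructed target."""

def target(data: bytes, cov: set) -> None:
    # Constructed parser: the bug sits behind four nested byte checks.
    # cov.add() plays the role of compiler-inserted coverage instrumentation.
    if len(data) >= 4 and data[0] == ord("F"):
        cov.add("b0")
        if data[1] == ord("U"):
            cov.add("b1")
            if data[2] == ord("Z"):
                cov.add("b2")
                if data[3] == ord("Z"):
                    raise Crash("deep bug reached")

def mutate(data: bytes, rng: random.Random) -> bytes:  # single-byte replacement
    buf = bytearray(data)
    buf[rng.randrange(len(buf))] = rng.randrange(256)
    return bytes(buf)

def run(data: bytes):
    """Execute the target once; return (branches covered, crashed?)."""
    cov = set()
    try:
        target(data, cov)
        return cov, False
    except Crash:
        return cov, True

def fuzz(seed_input: bytes, iterations: int, guided: bool, rng_seed: int = 1):
    """Return (crashing_input, executions), or (None, iterations) if none found."""
    rng = random.Random(rng_seed)
    corpus = [seed_input]
    seen, _ = run(seed_input)
    for i in range(1, iterations + 1):
        if guided:   # mutate an input that previously reached new code
            candidate = mutate(rng.choice(corpus), rng)
        else:        # blind: fresh random bytes, no feedback
            candidate = bytes(rng.randrange(256) for _ in range(len(seed_input)))
        cov, crashed = run(candidate)
        if crashed:
            return candidate, i
        if guided and not cov <= seen:  # new coverage: keep input as a seed
            seen |= cov
            corpus.append(candidate)
    return None, iterations
```

Calling `fuzz(b"AAAA", 200_000, guided=True)` returns the crashing input together with the number of executions it took, which is the reproducer a developer needs to debug the fault; the blind mode has a 1 in 2^32 chance per execution of hitting the same input.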

There are some characteristics that make fuzzing extremely useful not only for debugging, but also for security testing:

  • Fuzzing is an almost completely automated testing approach.
  • Fuzzing can be used for black-box AND white-box testing (on the source code).
  • Fuzzing not only detects the vulnerabilities but also provides you with the dynamic inputs that caused the error messages.
  • Fuzzing identifies bugs reliably without false positives.

Implement fuzzing in your CI/CD workflow and use it for Java, Kotlin, C, C++ or other languages. Opt in here for more information:

Or talk to us to find an All-Round solution:


This service is provided by a partner of ours. Use the contact button above to get more details and a custom price for your use case.