What is Fuzz Testing?
Fuzz Testing is a dynamic testing method used for finding functional bugs and security issues in software. During a fuzz test a program gets executed with invalid, unexpected, or random inputs, with the aim to crash the application. This is a particularly effective approach to detecting bugs and security vulnerabilities in software.
Running Security Tests On the Source Code
Modern, effortless fuzzing solutions can analyze the structure of the code they are supposed to test. They can generate thousands of automated test cases per second, and mark each path the inputs take through the program. This way a fuzzer gets details feedback about the code coverage, the inputs are reaching during the execution of the source code.
Each Finding Leads to More Findings
Once a fuzzing solution found an input that has caused a crash, they use mutation algorithms to generate even more inputs which can reproduce the finding with a high probability.
Fuzzing Protects Against the Unexpected
Modern fuzzers executes a program with invalid, unexpected, or random inputs. This way you can also cover unlikely or unexpected edge cases, that you would not cover with other testing approaches.
Fuzzing as a service
Have the fuzzing power and knowledge of big tech companies so you can focus on building a great and secure product.
-
Continuous Fuzzing
Easy integration with your existing CI. Run fast regression tests on every pull-request and long fuzzing jobs in the background.
-
Highly Scalable
Start small and expand as necessary to cover your fuzz target.
-
Crash Deduplication
Accurate de-duplication of crashes to pin-point bugs.
-
State of The Art Fuzzers
We support all latest state of the art fuzzer for C, C+, Java, Golang, Rust and Swift. Run your current libFuzzer, AFL target at scale with deep analysis.