Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Linux Foundation

Making Fuzzing Part of Your Software Development Lifecycle

Linux Foundation via YouTube

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the world of fuzzing in software development through this informative conference talk. Learn about this powerful automated vulnerability and bug-finding technique that has gained significant popularity in recent years. Discover essential tools and techniques used to secure hundreds of open source projects, including libFuzzer, AFL++, ClusterFuzz, and ClusterFuzzLite. Gain insights into OSS-Fuzz, a free service that has uncovered 40,000 bugs in critical open source projects, and Syzkaller and Syzbot for kernel fuzzing. Understand the evolution of fuzzing from early days to modern unittest-style approaches, and learn about sanitizers, non-C++ bugs, and coverage reports. Get practical advice on implementing a ClusterFuzz-style workflow, running full-scale infrastructure, and integrating fuzzing into your build process. By the end of this 39-minute talk, acquire the knowledge needed to enhance the security of your applications and dependencies using this essential testing technique.

Syllabus

Intro
Who Cares?
What is Fuzzing?
The Early Days
First Generation Fuzzers
Hacker Technique
Good Tests
Unittest-style Fuzzing
Sanitizers
Non-C++ Bugs: Denial of Service
Non-C++ Bugs: Differential Fuzzing
Non-C++ Bugs: Other Vulnerability Classes
Coverage Reports
How To Get a ClusterFuzz Style Workflow
Running Your Own Full Scale Infrastructure
ClusterFuzzLite: Build Integration
Smart Fuzzer Selection
Questions?

Taught by

Linux Foundation

Reviews

Start your review of Making Fuzzing Part of Your Software Development Lifecycle

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.