Overview
Learn how to integrate open source projects with OSS-Fuzz, Google's powerful fuzzing service that has uncovered over 12,000 bugs in memory-unsafe languages, through this comprehensive workshop session from Ubuntu Summit 2024. Master the fundamentals of fuzzing, from running fuzzers locally to writing fuzzing harnesses, investigating crashes, and submitting patches for vulnerable code. Led by an expert panel including Google's Open Source Security Team engineer Dongge Liu, Snapchat security engineer Andrei Iosif, and PhD researcher Jiongchi Yu, gain hands-on experience with practical techniques for implementing continuous fuzzing in development workflows. Explore real-world applications of fuzzing methodologies, automated fuzz target generation using Large Language Models, and best practices for vulnerability detection and remediation in open source software projects.
Syllabus
Ubuntu Summit 2024 | Fuzzing in the open: Integrate your project in OSS-Fuzz for continuous fuzzing
Taught by
Ubuntu OnAir