Application Fuzzing

19th March 2020 | Cybrary Application Fuzzing


Application Fuzzing, originally developed by Barton Miller at the University of Wisconsin in 1989, is a testing method used to discover coding errors and security loopholes in software, operating systems or networks. This method of testing involves inserting a large amount of data, called fuzz, into the test subject in an attempt to make the system crash or return unexpected results. If there are vulnerabilities being found during the test, a “fuzzer” can be used as a software tool to help identify the potential causes behind the vulnerabilities.

The “fuzzers” work best by discover vulnerabilities that can be exploited by buffer overflow, denial of service issues, cross-site scripting and SQL injection. These tactics are most often used by malicious hackers who try to exploit online applications to their benefit. Employing application fuzzing techniques can help you avoid some major security headaches down the road.

Source: TechTarget

Additional Reading: What is AI Fuzzing? And Why It May Be The Next Big Cybersecurity Threat

Related Terms: Dynamic Code Analysis, Static Code Analysis, Vulnerability

Should I Use Application Fuzzing In My SMB?

Possibly. Application Fuzz testing is simple, it offers a high benefit-to-cost ratio and can often reveal serious defects that would otherwise be missed or overlooked when developing applications. If your SMB is a software development shop you might consider building application fuzz testing into your development processes. However, alone it cannot provide a complete picture of the overall security, quality or effectiveness of a program. You should combine fuzzing with other automated tools for software code analysis such as dynamic and static code assessments (links above).

If you would like to learn more about the timeline of Fuzz Testing, watch this short 2 minute video:

https://www.youtube.com/watch?v=RqrHT93KdgE

Are you doing enough to protect your business?

Sign up with CyberHoot today and sleep better knowing your

employees are cyber trained and on guard!


Sign Up Today!

Latest Blogs

Stay sharp with the latest security insights

Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.

Stop the Swap: How to Protect Yourself from SIM Swapping Attacks

Stop the Swap: How to Protect Yourself from SIM Swapping Attacks

Ever had your phone suddenly lose service for no reason, followed by a flood of “reset your password”...

Read more
Your WiFi Might Be Watching You… Sort Of

Your WiFi Might Be Watching You… Sort Of

As smart homes get smarter, so do their habits of watching, sensing, and reporting. Enter WiFi Motion Detection, a...

Read more
184 Million Passwords Leaked: Is Your Digital Doppelgänger Out There?

184 Million Passwords Leaked: Is Your Digital Doppelgänger Out There?

Spoiler alert: If you’re still using “password123” or “iloveyou” for your login… it’s time for an...

Read more