Application Fuzzing

Application Fuzzing, originally developed by Barton Miller at the University of Wisconsin in 1989, is a testing method used to discover coding errors and security loopholes in software, operating systems or networks. This method of testing involves inserting a large amount of data, called fuzz, into the test subject in an attempt to make the system crash or return unexpected results. If there are vulnerabilities being found during the test, a “fuzzer” can be used as a software tool to help identify the potential causes behind the vulnerabilities.

The “fuzzers” work best by discover vulnerabilities that can be exploited by buffer overflow, denial of service issues, cross-site scripting and SQL injection. These tactics are most often used by malicious hackers who try to exploit online applications to their benefit. Employing application fuzzing techniques can help you avoid some major security headaches down the road.

Source: TechTarget

Additional Reading: What is AI Fuzzing? And Why It May Be The Next Big Cybersecurity Threat

Should I Use Application Fuzzing In My SMB?

Possibly. Application Fuzz testing is simple, it offers a high benefit-to-cost ratio and can often reveal serious defects that would otherwise be missed or overlooked when developing applications. If your SMB is a software development shop you might consider building application fuzz testing into your development processes. However, alone it cannot provide a complete picture of the overall security, quality or effectiveness of a program. You should combine fuzzing with other automated tools for software code analysis such as dynamic and static code assessments (links above).

If you would like to learn more about the timeline of Fuzz Testing, watch this short 2 minute video:

Are you doing enough to protect your business?

Sign up with CyberHoot today and sleep better knowing your

employees are cyber trained and on guard!

Share this on your social networks. Help Friends, Family, and Colleagues become more aware and secure.