Application Fuzzing

19th March 2020 | Cybrary Application Fuzzing


Application Fuzzing, originally developed by Barton Miller at the University of Wisconsin in 1989, is a testing method used to discover coding errors and security loopholes in software, operating systems or networks. This method of testing involves inserting a large amount of data, called fuzz, into the test subject in an attempt to make the system crash or return unexpected results. If there are vulnerabilities being found during the test, a “fuzzer” can be used as a software tool to help identify the potential causes behind the vulnerabilities.

The “fuzzers” work best by discover vulnerabilities that can be exploited by buffer overflow, denial of service issues, cross-site scripting and SQL injection. These tactics are most often used by malicious hackers who try to exploit online applications to their benefit. Employing application fuzzing techniques can help you avoid some major security headaches down the road.

Source: TechTarget

Additional Reading: What is AI Fuzzing? And Why It May Be The Next Big Cybersecurity Threat

Related Terms: Dynamic Code Analysis, Static Code Analysis, Vulnerability

Should I Use Application Fuzzing In My SMB?

Possibly. Application Fuzz testing is simple, it offers a high benefit-to-cost ratio and can often reveal serious defects that would otherwise be missed or overlooked when developing applications. If your SMB is a software development shop you might consider building application fuzz testing into your development processes. However, alone it cannot provide a complete picture of the overall security, quality or effectiveness of a program. You should combine fuzzing with other automated tools for software code analysis such as dynamic and static code assessments (links above).

If you would like to learn more about the timeline of Fuzz Testing, watch this short 2 minute video:

https://www.youtube.com/watch?v=RqrHT93KdgE

Are you doing enough to protect your business?

Sign up with CyberHoot today and sleep better knowing your

employees are cyber trained and on guard!


Sign Up Today!

Latest Blogs

Stay sharp with the latest security insights

Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.

Make Phishing Training Count with HootPhish

Make Phishing Training Count with HootPhish

Stop tricking employees. Start training them. Take Control of Your Security Awareness Training with a Platform...

Read more
Apple Alert: Critical AirPlay Vulnerabilities Expose Millions to Cyber Threats

Apple Alert: Critical AirPlay Vulnerabilities Expose Millions to Cyber Threats

A recent discovery by cybersecurity firm Oligo Security has unveiled a series of critical vulnerabilities in...

Read more
CyberHoot Newsletter – May 2025

CyberHoot Newsletter – May 2025

Welcome to CyberHoot's May Newsletter! This month, we're spotlighting key developments in the cyber threat...

Read more