Modern fuzz testing is a dynamic testing method that can be used for stability and security testing of the codebase. During a fuzz test, software is fed with a variety of inputs, which are then actively mutated. Information about the code covered, during the execution of an input, is then sent back to the fuzzer. The fuzzer then uses this information to automatically generate new inputs which will penetrate even further into the system under test. Compared to traditional or black-box fuzzing, modern fuzzing is a highly automated process, that can seamlessly uncover bugs hidden deeply within the source code.
Large tech companies like Google already find 80% of their bugs completely automated with modern fuzz testing. CI Fuzz now makes fuzz testing available to everyone.
Security Testing by Developers
We believe that developers know their code best, so they also should be able to perform the security tests themselves. With CI Fuzz, developers can increase their development speed and fix bugs much earlier in the development process. The platform helps developers to increase their code coverage and protects their code against unexpected edge cases. Furthermore, CI Fuzz is CI/CD-agnostic and works within all the popular IDEs and tools developers already use and trust.