Menu
Example of an image parser fuzz test

Example: Fuzzing an image parser application

What is Fuzzing?

Modern fuzzing is used for security and stability testing of the codebase. The software under test is fed with a series of inputs, which are purposefully mutated in the testing process. The testing tool gets feedback about the code covered during the execution of inputs. Unlike traditional or black-box fuzzing, feedback-based fuzzing explores the program state efficiently and discovers bugs hidden deep in the code.

Learn more about Fuzzing

CI Fuzz: Fuzzing for Everyone

Fuzzing is sometimes hard to integrate into existing development environments. The integration requires fuzzing and domain knowledge. Existing tools are usually from fuzzing experts for other fuzzing experts and therefore hard to use. These limitations have encouraged us to create a solution for developers and experts alike.

Learn more about CI Fuzz
Fuzzing Limitations

Bugs & Vulnerabilities found with Fuzzing

fuzz testing for Chrome
fuzz testing for OSS-Fuzz
fuzz testing for Linux
fuzz testing for Mozilla
fuzz testing for Microsoft
See List of CVEs

CI Fuzz Technology Stack

CI Fuzz is based on advanced technology and comes with convincing features and usable design.

CI technology stack

Industries Where Fuzzing Is Used

Illustration by Freepik Storyset / https://storyset.com
Illustration by Freepik Storyset / https://storyset.com
Illustration by Freepik Storyset / https://storyset.com
Illustration by Freepik Storyset / https://storyset.com
Illustration by Freepik Storyset / https://storyset.com

Fuzzing in Standards

Fuzzing is recommended by various industry standards and norms - often even mandatory.

  • ISO 26262
    Road vehicles – Functional safety
  • UNECE WP.29
    United Nations World Forum for Harmonization of Vehicle Regulations
  • ISA/IEC 62443-4-1
    Secure product development lifecycle requirements
  • ISO/SAE DIS 21434
    Road vehicles — Cybersecurity engineering
  • UL2900-1 and UL2900-2-1
    Healthcare and Wellness Systems - Software Cybersecurity for Network-Connectable Products
  • ISO/IEC/IEEE 29119
    Software and systems engineering - Software testing
  • ISO/IEC 12207
    Systems and software engineering – Software life cycle processes
  • ISO 27001
    Information technology – Security techniques – Information security management systems
  • ISO 22301
    Security and resilience — Business continuity management systems
  • IT-Grundschutz (Germany)
    Based on ISO 27001
  • and others

See How Feedback-Based-Fuzzing Works in Action!

Talk to our developers to find out in how our software testing solution can help you provide secure and reliable software.

Get Started