Fuzzing Web Services is Hard!
Web Applications are growing increasingly complex. It is not enough to ensure the security of each individual service; you also need to secure their interaction, which often leads to complex behavior. This can be exhausting and requires a lot of manual work.
In this webinar, Simon Resch will demonstrate a novel approach that allows you to simplify and automate your web application testing using modern fuzzing techniques.
In fact, fuzzing your web applications is possible with minimal alterations to your existing test environment regardless of if it is running locally, using docker-compose, or inside a Kubernetes cluster.
Which Advantages Does the New Fuzzing Approach Offer?
With this new approach, you will be able to apply coverage-guided fuzz testing to a whole microservice environment. This will enable you to secure your web application with all their inter-dependencies, which will eventually improve your code coverage and increase your development speed.
Agenda @ Fuzzing Microservices
European Central Time (CET)
- 16:00 - 16:10 - Warm Welcome & Introduction
- 16:10 - 16:15 - Short Recap on Coverage Guided Fuzz Testing
- 16:15 - 16:40 - Demo: Fuzzing Complex Web Services- Simon Resch (Senior Software Engineer, Code Intelligence)
- 16:40 - 16:50 - What's Next? - How To Apply This Approach to Your Own Software
- 16:50 - 17:00 - Q&A Session
Simon Resch is a Senior Software Engineer at Code Intelligence. He is a specialist for fuzzing Java applications and was one of the leading developers behind Jazzer, an open-source fuzzer for the Java Virtual Machine (JVM). Jazzer has since been integrated into Google's open-source fuzzing framework OSS-Fuzz, and now contributes to secure many popular open-source applications, like Apache/PDFBox or OWASP/json-sanitizer.
About Code Intelligence
Code Intelligence offers a CI/CD-agnostic platform for automated software security testing. The platform helps developers to make their software more secure and robust. It empowers them to achieve reproducible testing results and to fix bugs already in the early stages of the development process. CI Fuzz enables them to increase their code coverage and to protect themselves against unexpected edge cases.