API Fuzzing for eCommerce platforms
21st January 2021 | 100% online
Join our next webinar on how to efficiently detect security vulnerabilities and bugs in the backend of your web application using modern fuzzing approaches.
In this webinar, our CTO Khaled Yakdan will show you how to efficiently detect security vulnerabilities and bugs in the backend of your web application using modern fuzzing approaches. Examples include injections (SQL injections), cross-site scripting (XSS), information leakage, uncaught exceptions leading to errors (e.g. NullPointerExceptions), and crashes (OutOfMemory).
Fuzzing or fuzz testing is an automated software testing technique that involves providing invalid, unexpected, or random data as inputs to a computer program. The program is then monitored for exceptions such as crashes, failing built-in code assertions, or potential memory leaks.
Fuzz testing is currently the most effective method to automatically identify vulnerabilities and stability issues in software, especially network services and web applications. Google and other technology leaders already identify most of their software bugs and vulnerabilities (~80%) with modern fuzzing, saving them a lot of manual effort and costs.
Khaled Yakdan is an expert when it comes to solving difficult and challenging technical or scientific problems. In his role as CTO, he works together with the development team on building and delivering CI Fuzz to enable users to increase the security and stability of their software and seamlessly integrate fuzzing into their development process. Khaled previously worked on his doctoral thesis and at the Fraunhofer FKIE. As a malware analyst, he is an expert in the analysis of binary code and has been working in reverse engineering research for 7 years.
Code Intelligence develops a state-of-the-art application security testing solution that saves developers’ time and effort while drastically improving the security, stability and reliability of the codebase. By finding bugs and vulnerabilities earlier in the development process, Code Intelligence accelerates the development life cycle of software projects. The main technology is based on feedback-based / instrumented fuzzing techniques, as used extensively by Google and Microsoft. The software improves the discovery of bugs and vulnerabilities through higher code coverage and by continuously executing automated security tests after each code change.