Google’s Automated Fuzz Bot Has Found Over 9,000 Bugs in the Past Two Years

Google revealed today that OSS-Fuzz, the company’s automated fuzzing service/bot, has identified and reported over 9,000 vulnerabilities in widely used open source projects in the past two years.

OSS-Fuzz was launched in December 2016 and is an automated tool developed by Google that can find vulnerabilities in applications via a technique called fuzzing.

A fuzzer (fuzzing tool) and the technique of fuzzing works by feeding a software application with large quantities of random data and analyzing its output for abnormalities and crashes — which, in turn, give developers a hint about the presence of possible bugs in the app’s code.

Read more at ZDNet

Homeland Security Today

The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.

See Full Bio