Friday, February 19, 2010

Fuzzing: Build security in

Fuzzing is a software testing technique, in which unexpected data is fed to the inputs of a system, and the behavior of the system is then monitored. If the system fails, e.g., by crashing or hanging, then there is a bug in the software. Fuzzing enables testers to accurately simulate potential attacks against their own code and to patch the found vulnerabilities before somebody else finds them and exploits them. Fuzzing is a risk-based approach: It does exactly what the attackers would do, but before them.

Read more about: http://www.net-security.org

No comments: