Fuzzing software testing quality assurance

This newly revised and expanded second edition of the popular Artech House title, Fuzzing for Software Security Testing and Quality Assurance , provides practical and professional guidance on how and why to integrate fuzzing into the software development lifecycle.

This edition introduces fuzzing as a process, goes through commercial tools, and explains what the customer requirements are for fuzzing. The advancement of evolutionary fuzzing tools, including American Fuzzy Lop AFL and the emerging full fuzz test automation systems are explored in this edition. Ari is the author of several papers on security, and is a frequent speaker at security and testing conferences, as well as leading universities and international corporations.

He is also author of two books on VoIP security and on security testing. Jared DeMott is an information security expert, and previously served as a vulnerability analyst with the NSA. DeMott has been on three winning Defcon capture-the-flag teams, and has been an invited lecturer at prestigious institutions such as the United States Military Academy.

This edition introduces fuzzing as a process, goes through commercial tools, and explains what the customer requirements are for fuzzing. The advancement of evolutionary fuzzing tools, including American Fuzzy Lop AFL and the emerging full fuzz test automation systems are explored in this edition. Traditional software programmers and testers will learn how to make fuzzing a standard practice that integrates seamlessly with all development activities.

Learn the code cracker's malicious mindset, so you can find worn-size holes in the software you are designing, testing, and building. Fuzzing for Software Security Testing and Quality Assurance takes a weapon from the black-hat arsenal to give you a powerful new tool to build secure, high-quality software.