Fuzz testing is a highly effective technique for locating vulnerabilities in software. Malformed and unexpected inputs are delivered to the target software, and when failures occur, vulnerabilities have been located. Fuzzing is a widely recognized technique for improving the security, robustness, and safety of software. However, fuzzing is an open-ended pursuit—an infinite space problem. So, how do you know when you've fuzzed enough?
This white paper maps metrics and procedures to maturity levels that indicate how much fuzzing your firm is conducting. The maturity model explored within this resource acts as a lingua franca when discussing fuzzing. It also allows diverse organizations to communicate effectively about fuzzing without being tied to specific tools.