Fuzz Testing
Software security experts urge software vendors to add fuzz testing to their software development life cycle to find security problems that can be exploited by attackers. Using a fuzzing tool, testers typically input random data into a computer program to see if it crashes or contains other common errors targeted by attackers, such as SQL injection or cross-site scripting. For example, Microsoft said it uncovered 1,800 coding errors in Office 2010 by running millions of fuzzing tests as part of its software development life cycle.
Next Slide >
