Sign Up

How to bootstrap self-service continuous fuzzing

OSS-Fuzz is an innovative project that is both advancing the state of the art in OSS security engineering and immediately improving the overall quality of the software that serves the internet. In this blog post, I’ll describe how to use the open source components of google/oss-fuzz to bootstrap self-service continuous fuzzing for both private and public software using h2o, Fastly’s HTTP/2 proxy, as a running example.

Read More

How to fuzz a server with American Fuzzy Lop

In this blog post, I’ll describe how to use AFL’s experimental persistent mode to blow the doors off of a server without having to make major modifications to the server’s codebase. I’ve used this technique at Fastly to expand testing in some of the servers that we rely on and others that we are experimenting with.

Read More

Hear from Slack, the ACLU, TED, & more at our customer summit in San Francisco Register