A Gentle Introduction to Fuzzing for Developers
Fuzzing is a popular automated bug finding technique. Frequently Vulnerability Researchers’ weapon of choice, it can be confusing and frustrating for developers to understand fuzzing output and adapt fuzzing as a tool for their needs. In this talk, we’ll discuss what fuzzing is (and what it isn’t), its strengths and weaknesses, how to distinguish different fuzzers, who’s using fuzzers for what purposes, what fuzzers suit the needs of each group, how to pick the fuzzer for your needs, and how fuzzing might fit into a devops pipeline. There will be an optional fuzzing lab based on docker. Those interested in the lab should have a GCP account ready for about ~30 minutes.
