Launch HN: Fuzzbuzz (YC W19) – Fuzzing as a Service
146 by evmunro | 76 comments on Hacker News. Hey HN, We’re Everest, Andrei and Sabera, the founders behind Fuzzbuzz ( https://fuzzbuzz.io ) - a fuzzing as a service platform that makes fuzzing your code as easy as writing a unit test, and pushing to GitHub. Fuzzing is a type of software testing that generates & runs millions of tests per day on your code, and is great at finding edge cases & vulnerabilities that developers miss. It’s been used to find tens of thousands of critical bugs in open-source software ( https://ift.tt/2fW71Bd ), and is a great way to generate tests that cover a lot of code, without requiring your developers to think of every possibility. It achieves such great results by applying genetic algorithms to generate new tests from some initial examples, and using code coverage to track and report interesting test cases. Combining these two techniques with a bit of randomness, and running tests thousands of times every second has proven to be an incredibly effective automated bug finding technique. I was first introduced to fuzzing a couple years ago while working on the Clusterfuzz team at Google, where I built Clusterfuzz Tools v1 ( https://ift.tt/2jAJEvW ). I later built Maxfuzz ( https://ift.tt/2IG5rDY ), a set of tools that makes it easier to fuzz code in Docker containers, while on the Coinbase security team. As we learned more about fuzzing, we found ourselves wondering why very few teams outside of massive companies like Microsoft and Google were actively fuzzing their code - especially given the results (teams at Google that use fuzzing report that it finds 80% of their bugs, with the other 20% uncovered by normal tests, or in production). It turns out that many teams don’t want to invest the time and money needed to set up automated fuzzing infrastructure, and using fuzzing tools in an ad-hoc way on your own computer isn’t nearly as effective as continuously fuzzing your code on multiple dedicated CPUs. That’s where Fuzzbuzz comes in! We’ve built a platform that integrates with your existing GitHub workflow, and provide an open API for integrations with CI tools like Jenkins and TravisCI, so the latest version of your code is always being fuzzed. We manage the infrastructure, so you can fuzz your code on any number of CPUs with a single click. When bugs are found, we’ll notify you through Slack and create Jira tickets or GitHub Issues for you. We also solve many of the issues that crop up when fuzzing, such as bug deduplication, and elimination of false positives. Fuzzbuzz currently supports C, C++, Go and Python, with more languages like Java and Javascript on the way. Anyone can sign up for Fuzzbuzz and fuzz their code on 1 dedicated CPU, for free. We’ve noticed that the HN community has been increasingly interested in fuzzing, and we’re really looking forward to hearing your feedback! The entire purpose of Fuzzbuzz is to make fuzzing as easy as possible, so all criticism is welcome.
Dwyane Wade's final NBA season now has a signature moment after he banked in a one-footed 3-pointer against the Golden State Warriors on Wednesday, giving the Miami Heat a 126-125 win.
from www.espn.com - TOP https://ift.tt/2T5PADh
via IFTTT
Mavericks star Dirk Nowitzki has never said that this would be his final season, despite receiving farewell tours around the NBA, and he said Wednesday night that he'd still love to play next season if he feels healthy enough physically.
from www.espn.com - TOP https://ift.tt/2VpBpWE
via IFTTT
The Jets, who traded up to No. 3 in the draft to get Sam Darnold last year, are looking to trade down this time to recoup some of the picks they gave up.
from www.espn.com - TOP https://ift.tt/2TfPtVf
via IFTTT
Grant Williams scored with four seconds left, and No. 7 Tennessee escaped with a 73-71 win over Ole Miss, but an offensive foul on the Rebs in the final second enraged the home fans.
from www.espn.com - TOP https://ift.tt/2NxNAxP
via IFTTT
A Wisconsin school district filed a formal complaint against former Green Bay Packers head coach Mike McCarthy on Wednesday, a day after officials say he berated referees following a high school basketball game.
from www.espn.com - TOP https://ift.tt/2GQOxRs
via IFTTT
After a team manager forgot to pack its uniforms, the Indiana University of Pennsylvania basketball team had to wear old road uniforms provided by host Edinboro University on Wednesday night.
from www.espn.com - TOP https://ift.tt/2HcySv9
via IFTTT
Johnny Manziel has been released by the CFL's Montreal Alouettes for violating terms of his agreement, and the CFL said it wouldn't register a contract should other teams try to sign him.
from www.espn.com - TOP https://ift.tt/2H39lnS
via IFTTT
Brandon Copeland wanted to give college students practical financial information that would have aided him, so he helped create a class at his alma mater.
from www.espn.com - TOP https://ift.tt/2H5X4PK
via IFTTT
Bryce Harper probably won't be wearing any of Washington's 18 potential threads this spring, but there is a 6-foot 45-pounder in the clubhouse who will.
from www.espn.com - TOP https://ift.tt/2Xq93gB
via IFTTT
Zabit Magomedsharipov is on the fast track to a potential UFC featherweight title. But first he has to get past Jeremy Stephens at UFC 235 on Saturday on ESPN.
from www.espn.com - TOP https://ift.tt/2GNhwW1
via IFTTT
Arjun Rampal talks about his separation. Arjun who has made a stellar comeback with the webseries The Final Call talks opens up about his new career choices and the difficult times he has faced
Indo-Pak collaborations have always happened in the past and perhaps will continue happening in the future as well. Here are all the times when artistes between the two countries made beautiful art, music and films together
Oscars 2019's biggest after party was hosted by Madonna and Guy Oseary that even Hollywood bigwigs like Leonardo DiCaprio look forward to and is the one Ed Sheeran desperately wanted to attend. Read all the inside info here