Description
GitLab allows you to add coverage-guided fuzz testing to your pipelines. This helps you discover bugs and potential security issues that other QA processes may miss.
Coverage-guided fuzzing sends random inputs to an instrumented version of your application in an effort to cause unexpected behavior, such as a crash. Such behavior indicates a bug that you should address.
Follow @awkwardferny and @gitlab on Twitter. 🐦
Getting Started with Coverage-Guided Fuzz-Testing: https://docs.gitlab.com/ee/user/application_security/coverage_fuzzing/
Sample Java Project: https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/java-fuzzing-example
Here's a project set up with fuzz testing. In order to enable fuzz testing, we add the coverage template to the GitLab CI YAML. We create a job to tell the fuzzer how to run on our application. Each fuzzer is application-specific, and each programming language uses a different fuzzing library. For more information on this, see the links in the description.

Fuzz testing helps you find issues or vulnerabilities that other QA processes may have missed. By adding it to the CI/CD pipeline and running it on a feature branch, you can find these issues before they make their way to production. GitLab makes it easy to add coverage-guided fuzz testing to your CI/CD pipeline.
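The two steps described above (include the coverage template, then define a job that tells the fuzzer how to run) look like this in `.gitlab-ci.yml`. This is an added example, not the configuration shown in the video or the sample project; the job name, build command and fuzz target path are placeholders to replace with your own.

```yaml
# Step 1: pull in GitLab's coverage-guided fuzzing template.
include:
  - template: Coverage-Fuzzing.gitlab-ci.yml

# The template's jobs run in a stage named "fuzz", so it must be declared.
stages:
  - build
  - test
  - fuzz

# Step 2: a job that tells the fuzzer how to run against this application.
# "my_fuzz_target" is a placeholder job name.
my_fuzz_target:
  extends: .fuzz_base          # base job provided by the template
  script:
    # Placeholder: build the instrumented fuzz target with the fuzzing
    # library for your language (each language uses a different one).
    - ./build-fuzz-target.sh
    # Hand the built target to the GitLab fuzzing runner.
    # "./path/to/fuzz-target" is a placeholder for your own target.
    - ./gitlab-cov-fuzz run --regression=$REGRESSION -- ./path/to/fuzz-target
```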