Software Integrity Blog

Archive for the 'Fuzz Testing' Category

 

[Webinars] Fuzz testing, DevOps with Red Hat, and ISO/SAE 21434

Learn about the ins and outs of fuzzing, how to secure your DevOps pipeline with Synopsys and Red Hat, and what ISO/SAE 21434 means for automotive security.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Automotive Cyber Security, Fuzz Testing, Webinars | Comments Off on [Webinars] Fuzz testing, DevOps with Red Hat, and ISO/SAE 21434

 

How to Cyber Security: Fuzzing does not mean random

The most efficient fuzzing happens not with random test cases but with targeted test cases generated from detailed data models and a powerful anomalizer.

Continue Reading...

Posted in Fuzz Testing | Comments Off on How to Cyber Security: Fuzzing does not mean random

 

How 5G and IoT devices open up the attack surface on enterprises

As 5G standards continue to evolve, what steps can development organizations take now to improve the security of billions of 5G and IoT devices and systems?

Continue Reading...

Posted in Fuzz Testing, IoT Security | Comments Off on How 5G and IoT devices open up the attack surface on enterprises

 

Uncover SweynTooth vulnerabilities with Defensics fuzz testing

SweynTooth is a set of Bluetooth Low Energy vulnerabilities. We can reproduce many of these vulnerabilities using Defensics Bluetooth LE Test Suites.

Continue Reading...

Posted in Fuzz Testing, IoT Security, Medical Device Security | Comments Off on Uncover SweynTooth vulnerabilities with Defensics fuzz testing

 

5G: Vast potential, but better security needed

5G security is top of mind for those who recognize that 5G is going to be higher risk. Fuzzing is one of the leading testing techniques for securing 5G.

Continue Reading...

Posted in Fuzz Testing, IoT Security, Mobile App Security | Comments Off on 5G: Vast potential, but better security needed

 

World’s top hackers meet at the first 5G Cyber Security Hackathon

Our Defensics R&D team put a couple of Synopsys tools to the test in the 5G Cyber Security Hackathon in Oulu, Finland, and placed in both of their competitions.

Continue Reading...

Posted in Fuzz Testing, Software Composition Analysis (SCA), Software Security Research | Comments Off on World’s top hackers meet at the first 5G Cyber Security Hackathon

 

[Webinars] Automotive fuzz testing and financial services AppSec

Learn how agent instrumentation improves fuzz testing of automotive IVI and telematics systems, and about financial services application security.

Continue Reading...

Posted in Financial Cyber Security, Fuzz Testing, Webinars | Comments Off on [Webinars] Automotive fuzz testing and financial services AppSec

 

Q&A: Fuzz testing, agent instrumentation, and Defensics

Do you have questions about fuzz testing? We’ve got answers, explanations, and recommendations from our last webinar on fuzzing using agent instrumentation.

Continue Reading...

Posted in Automotive Cyber Security, Fuzz Testing, Webinars | Comments Off on Q&A: Fuzz testing, agent instrumentation, and Defensics

 

WPA2 encryption bypass: Using Defensics to uncover behavioral vulnerabilities

We discovered a WPA2 encryption bypass vulnerability (CVE-2018-18907) in a router that allows full access to a WLAN without credentials. The vendor has released a patch for the device.

Continue Reading...

Posted in Fuzz Testing | Comments Off on WPA2 encryption bypass: Using Defensics to uncover behavioral vulnerabilities

 

Fuzzing Bitcoin with the Defensics SDK, part 2: Fuzz the Bitcoin protocol

This is the second of two articles that describe how to use the Defensics SDK in fuzzing Bitcoin. In the previous article, you saw how to set up a test bed for bitcoind. We created two containers, alice and bob, and were able to set up communication between the two bitcoind instances. In this article, you’ll learn how to create a data model for the Bitcoin network protocol, then use this model in the Defensics SDK to perform fuzzing on bitcoind.

Continue Reading...

Posted in Developer Enablement, Fuzz Testing | Comments Off on Fuzzing Bitcoin with the Defensics SDK, part 2: Fuzz the Bitcoin protocol