Years ago, I was the lead security software reviewer at ZDNet and then at CNET. This episode looks at how fuzz testing has evolved over the years, how open source projects have for the most part gone untested over time, and how new efforts to match fuzzing to software development are today helping to discover dangerous new vulnerabilities before they become the next Shellshock. How could open source software be vulnerable for so long? Shortly after OpenSSL’s Heartbleed, Shellshock was discovered lurking in Bash code two decades old.