Copyright: 2018
Pages: 330
ISBN: 9781630815196

Our Price: $102.00
Qty:

Description

This newly revised and expanded second edition of the popular Artech House title, Fuzzing for Software Security Testing and Quality Assurance, provides practical and professional guidance on how and why to integrate fuzzing into the software development lifecycle. This edition introduces fuzzing as a process, goes through commercial tools, and explains what the customer requirements are for fuzzing. The advancement of evolutionary fuzzing tools, including American Fuzzy Lop (AFL) and the emerging full fuzz test automation systems are explored in this edition. Traditional software programmers and testers will learn how to make fuzzing a standard practice that integrates seamlessly with all development activities. It surveys all popular commercial fuzzing tools and explains how to select the right one for software development projects.

 

This book is a powerful new tool to build secure, high-quality software taking a weapon from the malicious hacker’s arsenal. This practical resource helps engineers find and patch flaws in software before harmful viruses, worms, and Trojans can use these vulnerabilities to rampage systems. The book shows how to make fuzzing a standard practice that integrates seamlessly with all development activities.

Table Of Contents
Introduction; Software Vulnerability Analysis; Quality Assurance and Testing; Fuzzing Metrics; Building and Classifying Fuzzers; Target Monitoring; Advanced Fuzzing; Fuzzer Comparison; Fuzzing Case Studies.

Author

  • Jared D. Demott Jared D. DeMott is a software vulnerability researcher, speaker, teacher, and author. He is a leading expert on fuzzing and fuzzing tools . He earned an M.S. in computer science from Johns Hopkins University and is a Ph.D. candidate at Michigan State University.
  • Charles Miller Charlie Miller is principal analyst at Independent Security Evaluators. Previously, he spent five years at the National Security Agency. He is probably best known as the first to publicly create a remote exploit against the iPhone. Dr. Miller is also a frequent speaker at major computer security conferences. He earned his Ph.D. from the University of Notre Dame.
  • Ari Takanen Ari Takanen is the chief technical officer at Codenomicon, a software fuzzing tool company. A noted speaker and author on software testing and security, he is a graduate of Finland's University of Oulo, where he did research with the university's Secure Programming Group.
  • Atte Kettunen

    is a software security expert at F-Secure Corporation. He received his master’s degree in computer security from Oulun yliopisto.