Google added generative AI to its open source fuzz testing infrastructure and discovered a massive improvement in code coverage which will radically alter the bug-hunting space. Fuzz testers are used as research to pinpoint security vulnerabilities by sending random input to an application. If the program contains a vulnerability, researchers can parse the results to pinpoint the cause of the crash. The company said the OSS-Fuzz project has helped to find and verify fixes for more than 10,000 security bugs in open source software but researchers believed the tool could likely find even more bugs with increased code coverage.
Read more: https://www.securityweek.com/google-brings-ai-magic-to-fuzz-testing-with-eye-opening-results/