Why perform Fuzz Testing?
VoIP, WebRTC and critical system software is often written in languages like C and C++ that are not memory-safe. In such cases, fuzzing generally catches security vulnerabilities that traditional pentesting and secure code reviews miss.
Extend your security
efforts with fuzzing
We have developed internal frameworks to perform both whitebox, coverage-guided fuzzing and blackbox, network-based fuzzing. Our methodologies complement each other and ensure better coverage.
Our fuzz testing methodology led to various public advisories, security reports and CVEs that were previously unknown.
Coverage-guided instrumented fuzzing is an efficient approach to finding vulnerabilities within the code.
Network-based fuzzing for various protocols, including HTTP, SIP, RTP and various custom protocols too.
We develop our own fuzz testing tools, measure test coverage and reuse our internal software to great effect.
fuzz testing your software?
Get in touch to find out more.