Introducing Microsoft’s New Open Source Fuzzing Platform
https://cppcon.org/ https://github.com/CppCon/CppCon2020
This native code security talk is a joint presentation by Principals from Windows Security (COSINE) and Microsoft Research. The work by Google and other contributors to the llvm ecosystem on libfuzzer, ASan, and sancov have “shifted left” the field of fuzz testing from the hands of hackers and security auditors directly to CI/CD developers. Rather than waiting for an auditing gate, developers should be able to receive fuzz testing results …