Ivan Novikov Chats about Fuzzing in Testing

3

Inner Circle Podcast Episode 020

An application is no longer a product. In the world of cloud, and DevOps, and containers, an application is a process. There is no distinct beginning or end to development. The application is a living thing that cycles through a feedback loop–constantly identifying and resolving issues and consistently improving and evolving. When you have continuous development and continuous deployment, though, you also need continuous testing and continuous security that can keep up.

Wallarm

Ivan Novikov, co-founder and CEO of Wallarm, is my guest for this episode of the Inner Circle podcast. We talk about the need for continuous testing, and the philosophy and technology behind Wallarm. We also delve into the concept of fuzzing as a security testing technique.

Novikov explains that fuzzing techniques are based on a variety of assumptions about what normal data should look like. Using email as an example, you expect the input to consist of a unique email address, followed by the ‘@’ symbol and then the domain. Novikov says fuzzing will add spaces, or insert Unicode characters and other unexpected input to determine what how the application will behave.

Once you find the unexpected or erratic application behavior, that is when the real fun begins. Listen to this episode of the Inner Circle to learn more.

Share.

About Author

I have a passion for technology and gadgets--with a focus on Microsoft and security--and a desire to help others understand how technology can affect or improve their lives. I also love spending time with my wife, 7 kids, 3 dogs, 5 cats, 3 rabbits, 2 ferrets, pot-bellied pig and sulcata tortoise, and I like to think I enjoy reading and golf even though I never find time for either. You can contact me directly at tony@xpective.net. For more from me, you can follow me on Twitter, Facebook, Instagram and LinkedIn.