Bishop Fox named “Leader” in 2024 GigaOm Radar for Attack Surface Management. Read the Report ›

Tool Talk: Fuzzing

Get the buzz on fuzz testing in software development.

Get the buzz on fuzz testing in software development

Did you know fuzzing is a great way to spot vulnerabilities and bugs in your software? If you're thinking about adding this technique to your software testing toolkit (or taking it to the next level), our second Tool Talk episode can help!

Used extensively by security researchers, fuzzing (aka fuzz testing) has become popular with software developers too. And for good reason. Fuzzing utilities are available for a wide variety of use cases and can be left running for days at a time with minimal interaction.

Want to learn more about fuzzing, see it in action, and start using it in your own projects? Watch the on-demand Tool Talk with Bishop Fox Senior Security Consultant Matt Keeley.

In this Tool Talk, Matt covers:

  • Fuzzing basics — what is it and how it works
  • Fuzzer types and methods — and the pros and cons of each
  • Fuzzing structure
  • Fuzzing targets and harnesses
  • Popular fuzzing tools

Matt is using fuzzing to uncover vulnerabilities in real open-source software and provide resources for you to try it yourself!

Matt k

About the speaker, Matt Keeley

Security Researcher

Matt Keeley is former Senior Security Consultant at Bishop Fox specializing in application penetration testing, product security reviews, and source code analysis. He holds a Bachelor of Science in Computer Science (Cybersecurity) from Arizona State University Master of Science Computer Science from Georgia Institute of Technology. During his sophomore year at ASU, Matt co-founded the DevilSec cybersecurity club, where he presents weekly red/blue team topics to students and arranges for top speakers, CEO’s, and guests of honor to present on industry related subjects. Matt is an avid security researcher and is considered an internal subject matter expert for product security reviews. He was also recently quoted in IT Business Edge and interviewed on the InfoSec Prep podcast. Matt currently holds his OSCP, OSWE, OSCE, OSWP and CRTO certifications.

More by Matt
Joe sechman

About the speaker, Joe Sechman

Bishop Fox Alumnus

Joe is a Bishop Fox alumnus and brought over 20 years of experience to his role as Associate Vice President of R&D. He was responsible for nurturing a culture of innovation across Bishop Fox. Over his career, Joe has amassed many security certifications, delivered several presentations, and has co-authored multiple industry publications with groups such as ISC2, ISACA, ASIS, HP, and IEEE.

Additionally, Joe is a prolific inventor with nine granted patents in the fields of dynamic and runtime application security testing, attack surface enumeration, and coverage (U.S. Patents 10,699,017, 10,515,219, 10,516,692, 10,515,220, 10,423,793, 9,846,781, 10,650,148, 10,587,641, and 11,057,395). Prior to joining Bishop Fox, Joe held leadership positions with companies such as Cobalt Labs, HP Fortify, Royal Philips, and Sunera LLC (now Focal Point Data Risk). Earlier in his career, Joe served as the lead penetration tester within SPI Labs at SPI Dynamics where he cut his teeth alongside some of the best and brightest application security industry professionals. Joe received his Bachelor of Business Administration degree in Management Information Systems from the Terry College of Business - University of Georgia.
More by Joe

Extend Your Knowledge

Check out these related resources.

The Ponemon Security offensive security blueprint for the technology industry with preview of report.
Report

The Offensive Security Blueprint for Technology & Software

Bishop Fox's Technology and Software industry cut provides a comprehensive analysis of offensive security trends within the sector, using industry data gathered from our joint research report with the Ponemon Institute.

Learn More
2024 Q1 DIGITAL DS COSMOS Tile
Datasheet

Cosmos Datasheet

Learn how Cosmos combines attack surface management with expert-driven penetration testing to help security teams identify and remediate dangerous exposures before attackers can exploit them.
Learn More
Managed Security Service: Cosmos External Penetration Testing (CEPT) datasheet pages thumbnail floating on dark background..
Datasheet

Cosmos External Penetration Testing (CEPT) Datasheet

Learn how Cosmos External Penetration Testing (CEPT) expands the scope of Cosmos Attack Surface Management to deliver the highest level of attack surface protection and meet compliance requirements.

Learn More

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.