Why you should be using automated fuzzing to test for security issues in your code

December 12, 2019

TALK: Testing Your Code for Security Issues With Automated Fuzzing SPEAKER: Albert Astals Cid COMPANY: KDAB TRACK: Tooling & Testing Talk recorded at the Qt World Summit 2019 event in Berlin. #QtWS19 November 2019 - BCC TALK DESCRIPTION: Writing secure code that deals with potentially untrusted data (parsers, importers, etc) is always hard since there are many potential cases to take into account. One of the techniques used to improve the security of such code is fuzzing. Fuzzing involves providing invalid or random data to a given piece of code to test its behaviour. Modern fuzzers are smart enough to understand what needs to be changed in the input to make the code go through a different code path making testing faster and more complete. oss-fuzz is a Free set of tools to make fuzzing of C/C++ code easier. It is comprised of various scripts and docker images, which, for example, have the base system libraries already compiled with the sanitizers. Coupling a fuzzer with the compiler sanitizers (asan, ubsan, msan) gives even better results since these sanitizers will make sure the code is run more strictly. In this session we’ll show how to fuzz a C++ codebase, as well as give you an update on how Qt is using these tools. Qt WEBSITE: For more info Qt, visit our site https://qt.io RESOURCES: For more videos from Qt visit our resource centre; https://resources.qt.io FOLLOW US ON SOCIAL: FB: https://www.facebook.com/qt/ LI: https://www.linkedin.com/company/4788... TW: https://twitter.com/qtproject THE Qt COMPANY Design - Develop - Deploy

Previous Video
Improve your code with Clang Tooling
Improve your code with Clang Tooling

TALK: Improving Your Code Using Clang Tooling SPEAKER: Kevin Funk COMPANY: KDAB TRACK: Tooling & Testing ...

Next Video
QSkinny - A new QtQuick framework focusing on vector graphics and dynamic theming
QSkinny - A new QtQuick framework focusing on vector graphics and dynamic theming

TALK: QSkinny – A New Approach for a QtQuick Framework SPEAKER: Peter Hartmann COMPANY: Edelhirsch Softwar...

Convince your boss: 10 ways to make them say "Yes!"

Get Presentation