DevOps Articles

Google Introduces ClusterFuzzLite Security Tool for CI/CD

Have you noticed we’re taking coding security more seriously these days? Software supply chains attacks, such as the ones on https://www.zdnet.com/article/updated-kaseya-ransomware-attack-faq-what-we-know-now/, https://www.solarwinds.com/, and https://thenewstack.io/php-supply-chain-attack-shows-open-sources-virtues-and-vices/ are becoming commonplace. When even the https://www.nist.gov/ and the White House issues an https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/ demanding more code testing, you know cybersecurity is finally being taken seriously.

By feeding unexpected or random data into a program, fuzzing catches bugs that would otherwise slip past the most careful eyeballs.

OSS-Fuzz and ClusterFuzzLite help us maintain curl as a quality project, around the clock, every day and every commit.”