Microsoft was released a new tool open source security called Project OneFuzz, a testing framework for Azure that has several software security testing tools to automate the process of debugging what could be security issues.
Google's open source bots have helped detect thousands of bugs in its software and other open source software programs. Now Microsoft is releasing its answer for software developers.
Project OneFuzz is available on GitHub with an open source MIT license, like other Microsoft open source projects such as Visual Studio Code, .NET Core, and the TypeScript JavaScript programming language.
Microsoft describes Project OneFuzz as an "scalable fuzz framework for Azure."
Fuzzing "works" in a comeye random code in the software until it crashes, potentially exposing security issues as well as performance issues.
Google has been a major supporter of the technique, pushing developers and security researchers into utilities and techniques. Open source fuzzers include the OSS Fuzz and Cluster Fuzz.
OSS-Fuzz is available for developers to download from GitHub and can use it in their own code. It is also available as a cloud service for selected open source projects.
Microsoft has announced that it will replace the existing software testing tools also known as Microsoft Security and Risk Detection with the automated open source fuzzing tool.
The company from Redmond also says that the tools offer a different and precise challenge for all businesses that software developers use and credits Google for pioneering this technology.
OneFuzz is the same test framework that Microsoft uses to detect bugs in Edge, Windows, and other company products.