Η Microsoft was released a new open source security tool called Project OneFuzz, a testing framework for Azure that has many software security testing tools to automate the debugging process that could be security issues.
Google's open source bots have helped identify thousands of bugs in its software and other productsletteropen source software. Now Microsoft is releasing its answer for software developers.
Project OneFuzz is available στο GitHub με άδεια MIT ανοιχτού κώδικα, όπως τα άλλα έργα ανοιχτού κώδικα της Microsoft, όπως το Visual Studio Code, .NET Core, and the TypeScript programming language for JavaScript.
Microsoft describes Project OneFuzz as an "scalable fuzz framework for Azure."
Fuzzing "works" on a piece of random code in the software until it crashes, possibly revealing security issues as well as performance issues.
Google has been a major supporter of the technique, pushing developers and researchers security in utilities and techniques. Open source fuzzers include OSS-Fuzz and Cluster Fuzz.
OSS-Fuzz is available for developers to download from GitHub and use in their own code. It is also available as a cloud service for select projects open source.
Microsoft has announced that it will replace the existing software testing tools also known as Microsoft Security and Risk Detection with the automated open source fuzzing tool.
The company from Redmond also mentions that the tools offer a different and accurate challenge για όλες τις επιχειρήσεις που χρησιμοποιούν προγραμματιστές λογισμικού και δίνει τα credits στην Google για την πρωτοπορία σε αυτή την technology.
OneFuzz is the same testing framework that Microsoft uses to debug Edge, the Windows and other products of the company.