DeveloperWeek Europe 2021 DeveloperWeek Europe 2021
Get your ticket or log in to build your agenda.

KEYNOTE: Code Intelligence -- Fuzzing for Everyone! How to Push Shift-Left Testing Even Further?

Main Stage
Join on Hopin

Fabian Meumertzheim
Code Intelligence, Senior Software Engineer

Fabian Meumertzheim is a Senior Software Engineer at Code Intelligence. He maintains and contributed to multiple open-source projects, such as Chromium, systemd, and Android Password Store, all with the aim of making security unobtrusive and ubiquitous. At Code Intelligence, he is one of the leading engineers behind CI Fuzz and Jazzer.

Currently, white-box fuzzing is the most effective testing-approach to automatically identify vulnerability and stability issues within your software. For instance, Google already finds more than 80% of their bugs alone with fuzzing in contrast to all their other testing methods.

And it is very easy to use. In the future everyone will be able to integrate fuzz testing into their CI/CD. That’s why I say: “Developers should cover more security testing, themselves!”.

They are the experts! Developers know their own code best and with the right tools, they can identify bugs with little to no effort. And if by finding these bugs in an early stage of the development process, fixing them becomes very simple and cost-effective.

In my talk, you'll see why I'm so optimistic about the future!

We’ll cover the following topics:
- Modern fuzzing approaches (“feedback-based-fuzzing”)
- Instrumenting JVM code for fuzzing
- Automating fuzzing for web applications
- Integration of fuzzing in the development process
- Fuzzing web applications and integration into the CI/CD