Sydr-Fuzz: Continuous Hybrid Fuzzing and Dynamic Analysis for Security Development Lifecycle. (arXiv:2211.11595v2 [cs.CR] UPDATED)

Nowadays automated dynamic analysis frameworks for continuous testing are in
high demand to ensure software safety and satisfy the security development
lifecycle (SDL) requirements. The security bug hunting efficiency of
cutting-edge hybrid fuzzing techniques outperforms widely utilized
coverage-guided fuzzing. We propose an enhanced dynamic analysis pipeline to
leverage productivity of automated bug detection based on hybrid fuzzing. We
implement the proposed pipeline in the continuous fuzzing toolset Sydr-Fuzz
which is powered by hybrid fuzzing orchestrator, integrating our DSE tool Sydr …

analysis automated bug bug hunting continuous continuous testing demand detection development dynamic dynamic analysis edge efficiency frameworks fuzz fuzzing high hunting hybrid lifecycle pipeline productivity requirements safety security software techniques testing