Top Tweets for #OSSFuzz
Late to the party, but glad to be in Google Open Source Peer Bonus for #ossfuzz https://t.co/JdVSbYYuwk
6 years of #OSSFuzz!
Congrats on an amazing track record of:
❗️8 800 vulnerabilities fixed
🪲28 000 bugs fixed
🔐in 850 projects
and many more to come!
Soon also in #JavaScript, thanks to the upcoming integration of #Jazzerjs.
https://t.co/xr5oRmninO
The punycode fuzzer was added for the recent OpenSSL vulnerability and is continuously fuzzed by #OSSFuzz. Fuzzer is simple as usual, just 25 LoC. Analyze your uncovered code with FuzzIntrospector and add fuzzers.- https://t.co/OtVZVk1ylT
It's all about security, security, security!🔒
1. Know
2. Prevent
3. Fix
- says Emilio Salvador, Head of Standards, Open Source Program Office @Google #Scorecards #OSSFuzz #sosdev @projectsigstore #OSSummit
The team at @ADALogics have found a DoS vulnerability in @HelmPack by way of fuzzing which has now been fixed. The vulnerability affected at least one other CNCF project. Update now if you use the strvals package. @CloudNativeFdn #OSSFuzz
Denial of Service in @HelmPack the @kubernetesio package manager, found with continuous #fuzzing using #OSS-Fuzz. https://t.co/DAd3Z2cbgs Fix is included in the latest Helm release, patch it up :)! Thanks to @AdamKorcz4 for developing the fuzzing set up
Check out these interesting results from @ADALogics who used #OSSFuzz to fuzz the @CloudNativeFdn landscape - 19 projects, 325 bugs and growing - https://t.co/j32R7YeC1T
What a great contribution to the open-source community!
@Davkorcz and @AdamKorcz4 reported 2000+ bugs in #opensource projects using Google’s #OSSFuzz ❤️
Fuzzing 100+ open source projects with OSS-Fuzz https://t.co/FLyykrDZXq
@catenacyber (Philippe Antoine) fuzzed @Suricata_IDS for a year.
This is what happened:
- 49 unique bug findings
- Improvements for OSS-Fuzz
- +50% code coverage in Rust
#Suricata #Fuzzing #OSSFuzz
https://t.co/9ujNeWt2pa
@catenacyber (Philippe Antoine) fuzzed @Suricata_IDS for a year.
This is what happened:
- 49 unique bug findings
- Improvements for OSS-Fuzz
- +50% code coverage in Rust
#Suricata #Fuzzing #OSSFuzz
https://t.co/9ujNeWt2pa
#OSSFuzz fuzzes 500+ OSS projects 24/7 on 100k machines. After years, why does it still find bugs at a constant rate? Because new bugs are introduced all the time. That's why we developed
🌟Regression Greybox Fuzzing🌟 *jingle*
Find out more today 20:40 ET (10:40 KST) at CCS'21
The Secure Open Source Rewards program is now paying for OSS-Fuzz vuln fixes! See https://t.co/WsiV4irod6 for details. Bugs that have exceeded the 90 day disclosure deadline are in scope.
OSS-Fuzz: Fuzzing Everything
Abhishek Arya and Fabian Meumertzheim at FuzzCon Europe - WebSecurity Edition about:
- Why fuzz memory-safe languages?
- Integrating Jazzer into OSS-Fuzz
- Finding a CVE in a JSON-sanitizer
https://t.co/HLeLuqunDO
#OSSFuzz @infernosec @fhenneke
Oh dear...😱
Got PILES of such errors after integrating into Google's OSS-Fuzz! It's a no-brainer actually, as Wasm3 didn't undergo any serious fuzz-testing to the day. 😆
And now it's a continuous process! 🎉
#Google #OSSFuzz #fuzzing #fuzztesting #memoryunsafety
@PeterOHearn12 @johnregehr @jeanqasaur @cestlemieux @fivancic @lszekeres In terms of machines, you are absolutely right. Most devs cannot afford running 20x 24h fuzzing campaigns in regular intervals. This is why I love the #OSSFuzz effort so much. OSS Security outsourced and free. You submit fuzz drivers and handle the auto-generated bug reports. 5/
The probability that a reported bug is a regression increases from the time a new project lands in #OSSFuzz -- from 20% for the first bug to nearly 99% for the 1000th bug.
Once a project is well-fuzzed, most discovered bugs are introduced by recent changes.
Once a new project lands in #OSSFuzz, there is an initial burst of new bug reports at a rate of 2.5 per day. After that, the rate drops but remains constant at 3.5 reports per week.
Don't waste resources fuzzing old code. Focus on changed code.
Once a new project lands in #OSSFuzz, there is an initial burst of new bug reports at a rate of 2.5 per day. After that, the rate drops but remains constant at 3.5 reports per week.
Don't waste resources fuzzing old code. Focus on changed code.
Last Seen Hashtags on Sotwe
SexyVideo
Seen from Greece
fiorde
Seen from Italy
mamáculona
Seen from Guatemala
konyatravesti
Seen from Turkey
monkeyappwins
Seen from United States
momson t.co
Seen from France
roblacked
Seen from Vietnam
สแกนเถอะพี่สติ๊กเกอร์นี้มันแซ่บ
Seen from United States
hemarajkumar
Seen from Singapore
ครูเอาท์ดอ
Seen from Thailand
Most Popular Users
Elon Musk 
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.4M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.4M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.7M followers
KATY PERRY
@katyperry
87.1M followers
Taylor Swift
@taylorswift13
80.9M followers
Lady Gaga
@ladygaga
72.5M followers
Kim Kardashian
@kimkardashian
69.5M followers
Virat Kohli
@imvkohli
69M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.5M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.6M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.2M followers