Commit e9075452 authored by Suzanne Selhorn's avatar Suzanne Selhorn

Merge branch 'russell/improve-coverage-fuzzing-docs' into 'master'

Improve introduction of coverage-guided fuzzing

See merge request gitlab-org/gitlab!70566
parents 33f8f24c f8d99b9d
...@@ -7,15 +7,14 @@ type: reference, howto ...@@ -7,15 +7,14 @@ type: reference, howto
# Coverage-guided fuzz testing **(ULTIMATE)** # Coverage-guided fuzz testing **(ULTIMATE)**
Coverage-guided fuzzing sends random inputs to an instrumented version of your application in an
effort to cause unexpected behavior. Such behavior indicates a bug that you should address.
GitLab allows you to add coverage-guided fuzz testing to your pipelines. This helps you discover GitLab allows you to add coverage-guided fuzz testing to your pipelines. This helps you discover
bugs and potential security issues that other QA processes may miss. Coverage-guided fuzzing sends bugs and potential security issues that other QA processes may miss.
random inputs to an instrumented version of your application in an effort to cause unexpected
behavior, such as a crash. Such behavior indicates a bug that you should address.
We recommend that you use fuzz testing in addition to the other security scanners in [GitLab Secure](../index.md) We recommend that you use fuzz testing in addition to the other security scanners in [GitLab Secure](../index.md)
and your own test processes. If you're using [GitLab CI/CD](../../../ci/index.md), and your own test processes. If you're using [GitLab CI/CD](../../../ci/index.md),
you can run your coverage-guided fuzz tests as part your CI/CD workflow. You can take advantage of you can run your coverage-guided fuzz tests as part your CI/CD workflow.
coverage-guided fuzzing by including the CI job in your existing `.gitlab-ci.yml` file.
## Supported fuzzing engines and languages ## Supported fuzzing engines and languages
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment