"New CLI Tool Allows Java Devs to Add 'Fuzzing' to JUnit"

Code Intelligence, a provider of automated testing tools, has released CI Fuzz CLI, an open-source Command-Line Interface (CLI) tool that allows Java developers to incorporate fuzz testing into their existing JUnit setups. JUnit is an open-source, Java-based unit-testing framework created by Parasoft used to write and run repeatable automated tests. It is regarded as one of the leading tools for regression testing, a type of software testing that examines whether recent changes to code have had an adverse effect on previously written code. According to the company, Java developers can now use the CI Fuzz CLI tool to find functional bugs and security vulnerabilities at scale. Fuzz testing, also known as fuzzing, is an automated software testing method that introduces invalid, incorrect, or unexpected inputs into a system in order to detect software defects and vulnerabilities. A fuzzing tool, such as CI Fuzz CLI, presents these unexpected inputs into the system and then monitors reactions indicating security, performance, or quality issues. It is considered a complementary approach to unit testing, which involves testing an application's smallest testable unit. The company states that CI Fuzz CLI was designed to address the current challenges associated with fuzz testing, such as a lack of understanding and implementation challenges, by making fuzz testing accessible to developers directly from their command line or Integrated Development Environment (IDE). CI Fuzz CLI uses genetic and evolutionary algorithms along with automated instrumentation to generate millions of unusual inputs in real time to test applications for unexpected behaviors that could result in crashes, Denial-of-Service (DoS) attacks, or zero day exploits. The tool enables continuous application security testing directly in the Continuous Integration (CI) and Continuous Delivery (CD) process by providing new fuzzing capabilities for Java. Code Intelligence says this is especially useful for companies with cloud-based products and services wanting to develop a mature DevSecOps pipeline. This article continues to discuss the new CI Fuzz CLI tool.

ADT MAG reports "New CLI Tool Allows Java Devs to Add 'Fuzzing' to JUnit"