Integrating and automating secure software development activities in agile development processes is challenging. Fuzz testing is a practical method for finding vulnerabilities in software, but it has some characteristics that do not map directly onto existing processes. The main challenge is that fuzzing needs to keep showing value while requiring minimal effort. The authors present experiences and practical ways to use fuzzing in software development, as well as generic ways for developers to keep security in mind.
Pekka Pietikäinen, Atte Kettunen, Juha Röning (University of Oulu): Steps Towards Fuzz Testing in Agile Test Automation