Google unveiled ClusterFuzzLite, the fuzzing solution to solve the problems in the software supply chain. It was derived from the current ClusterFuzz tool, which was launched as open-source code several years ago.
In a blog post on Thursday, Nov.11, the company’s software engineers Oliver Chang and Jonathan Metzman wrote about the capability of the security tool. According to them, it could now detect vulnerabilities earlier than before.
What is ClusterFuzzLite?
(Photo : Kai Wenzel from Unsplash )
Google has released its ClusterFuzzLite tool which is based on the previous ClusterFuzz open-source program. Read to find out more about this newest security tool.
Before diving into the definition of the new tool, it’s important to first know the meaning of fuzzing.
According to a report by VentureBeat on Thursday, Nov.11, this method is a technique used when detecting bugs through placing random or invalid data in the programs. With that, it could identify certain security flaws on the system which have bypassed the manual checking.
Moving on, ClusterFuzzlite is part of the OSS-Fuzz program which borrows its infrastructure from the ClusterFuzz. The search engine titan mentioned that it could be merged to increase the chance of finding vulnerabilities at a quicker rate.
Furthermore, this is also usable to the workflows for easy management of the software supply chain. This would help the experts to assess the changes before implementing them in the program.
Read Also: Google Bypasses Security Law to Give Users’ Data to Hong Kong Government-Here’s Why
ClusterFuzzLite Features and Supported CI Systems
Google’s ClusterFuzzLite presents a lot of features that set it apart from its based ClusterFuzz tool. These include sanitizer support, consistent fuzzing, and coverage report creation, according to another report by ZDNet on Friday, Nov.12.
According to the team behind this security tool, the latest creation requires little effort to set up. This would pave the way for developers to have an easy grasp of the open-source code for their programs.
“With ClusterFuzzLite, fuzzing is no longer just an idealized “bonus” round of testing for those who have access to it, but a critical must-have step that everyone can use continuously on every software project.
Google also aims to build a “more secure software ecosystem” that will be free from bugs and other forms of vulnerabilities.
Currently, it officially supports some CI systems such as the early-beta project Prow, Google Cloud Build, and GitHub Actions.
In the meantime, you can view the whole information about ClusterFuzzLite by clicking here.
Google’s Two-Factor Authentication Process
Earlier in October, Tech Times reported that the company will launch the two-step verification process for 150 million users who are expected to enroll at the end of the year.
The action was approved by Google following complaints from users who experience security threats. To add, this initiative will upgrade the firm’s privacy protection to a new level.
At the time of the report, the tech giant also said that it would bring the security feature to YouTube where they will require two million creators to use 2FA.
Google has been struggling to contain security flaws over the past months. The recent software that it released would strengthen its campaign to bar malicious threats from spreading on its platforms.
Related Article: New Google Chrome Privacy Guide Offers More Control Over Your Settings: How Does It Work?
This article is owned by Tech Times
Written by Joseph Henry
ⓒ 2021 Techbyandroid.com All rights reserved. Do not reproduce without permission.