Fuzzbuzz: Automating Application Security Testing

May 4, 2019

It’s no secret that application security testing is becoming ever more important as private data moves to the cloud. It’s also not a secret that most companies don’t have the expertise or resources needed to identify the vulnerabilities and bugs in their applications. That’s why Fuzzbuzz is automating application security testing, starting with “fuzzing-as-a-service”. We’re delighted to partner with our friends at Fuel Capital and Susa Ventures to provide Fuzzbuzz with its $2.7 million seed financing.

WHO: Co-founders, Everest Munro-Zeisberger, Andrei Serban and Sabera Hussain bring together exactly the engineering, product and design skills needed to build Fuzzbuzz. Everest worked on the Google Chrome fuzzing team, surfacing more than 15,000 bugs using fuzzing. Andrei is an accomplished software developer with experience from leading organizations including Confluent and Cloudflare. And Sabera has the unique ability to translate technical complexity into simple to use and understand products. Together, they’ve launched and generated a ton of buzz(!) amongst potential customers and security experts.

WHAT: Fuzzing or fuzz testing is an automated software testing technique used to discover bugs and vulnerabilities. It involves inputting massive amounts of random, invalid and unexpected data into software to see whether it crashes. While it seems obvious that all software should be tested this way, historically, fuzzing has been expensive and has required specialized skills. Fuzzbuzz has distilled all of that cost and complexity into a service that can be implemented in less than 20 minutes.

HOW: Fuzzbuzz integrates with source-control and continuous integration tools like GitHub, Jenkins and CircleCI, to ensure that the latest versions of code are always being tested. The company generates the tests, so developers don't have to spend their time dreaming them up for every possible scenario. Integrations with Slack, Jira, GitHub, and other developer tools allow for bug alerting and tracking within existing workflow. Finally, Fuzzbuzz is taking advantage of artificial intelligence and machine learning to use feedback from test results to generate new tests automatically, making the product smarter over time.

WHY: Fuzzbuzz’s mission is to make it safer to use software. Delivering code with fewer bugs via fuzzing is the starting point. But the Fuzzbuzz team has a broad vision in mind and we couldn’t be more excited to be a part of their journey. If you’re interested in helping to secure the world’s software, join the Fuzzbuzz team.