How AI-Automated Fuzzing Uncovered a Vulnerability in wolfSSL

Despite wolfSSL’s rigorous software testing practices, in October 2024, @codeintelligence —an application security vendor—discovered a potentially exploitable defect in wolfSSL. Remarkably, the potential vulnerability was found without human intervention. The only manual step was executing a single command to trigger autonomous fuzz testing. Watch our webinar for a demo of AI-automated fuzzing and an in-depth look at a heap-based use-after-free vulnerability in wolfSSL. In this webinar, you’ll: ✅ Discover how wolfSSL tests its code to ensure quality and security. ✅ Learn how AI-automated fuzz testing works and how it autonomously found the vulnerability. ✅ Watch a live demo of AI-automated fuzz testing on wolfSSL’s libraries. Time stamps 00:00 wolfSSL Intro 00:52 Testing at wolfSSL: An Overview 05:36 How do we test? 08:45 Making sure you know what you're testing 10:05 A case study 12:41 Code intelligence Intro 12:58 Automatic fuzzing of wolfSSL 14:04 Fuzzing started as a black-box method 14:56 Whitebox fuzzing 16:50 Motivation to automate fuzz testing 19:35 Fuzzability of wolfSSL 21:15 Live Demo 42:22 Fast-forward after 3 hours 43:50 Next steps 44:33 Q&A If you have questions about any of the above, please contact us at [email protected] or +1 425 245 8247. #AI #AIFuzzing #Cryptography #tls