[fuzzing] Hey all
Weizenegger, Sven
Sven.Weizenegger at t-systems.com
Sat Mar 15 12:41:25 CDT 2008
Hello,
Jared DeMot wrote:
>
> So it's been a while since I've posted, but I was thinking,
> why not a CFP (Certified Fuzzing Professional)? There's
> certs for everything else out there, how do you guys think
> industry would take the idea?
Not a good idea! ;)
The most ppl that i know with "fuzzing skills" knows not much
about QA for big companies and process based fuzzing approaches,
and this is one of the biggest problems in the industrie. Writing a small
fuzzer is easy, but writing a very good one which fits into your
current release and product development is quite harder! I dont
like to pay $$$$$ for a little perl/python script from an external
security consulting company (sic!) which has a bad protocol coverage
and so on...
And which one will be the 3rd party for the certification? One of this
security consulting companies without QA background, no thank you!
(uuh some of them use SIP fuzzerz only with INVITE...)
Just my .02 euro and have a nice weekend,
kind regards / mit besten Grüßen
Sven Weizenegger
T-Systems Business Services GmbH
TCO Technical Engineering
Sven Weizenegger
TAC Security
Klosterstr. 62, 10179 Berlin
tel +49 30 30392 8744
mobil +49 160 97864213
email sven.weizenegger at t-systems.com
http://www.t-systems.de
More information about the fuzzing
mailing list