Heads up, game programmers: if you aren't already fuzzing, you should be.
In 1988, professor Barton Miller at the University of Wisconsin developed a tool called "fuzz." Today Hewlett Packard security researcher (and onetime game developer) Dave Weinstein believes fuzz testing is one of the most common and useful tools in the hands of an attacker, and it is one of the easiest tools to implement and use as a defender in order to protect your game's user-facing code.
At GDC 2015 Weinstein explained why all game programmers should be considering this method to reveal vulnerabilities and protect against them. He went on to break down the creation of fuzzers, how you know where and when to fuzz, and the best ways to integrate that into your game development process. will cover the creation of fuzzers, where and when to fuzz, and how to integrate that into both the code base and the development process.
Weinstein's talk was smart and informative, and you can now watch the whole thing for free via the GDC Vault.
About the GDC Vault
In addition to this presentation, the GDC Vault and its new YouTube channel offers numerous other free videos, audio recordings, and slides from many of the recent Game Developers Conference events, and the service offers even more members-only content for GDC Vault subscribers.
Those who purchased All Access passes to recent events like GDC, GDC Europe, and GDC Next already have full access to GDC Vault, and interested parties can apply for the individual subscription via a GDC Vault subscription page. Group subscriptions are also available: game-related schools and development studios who sign up for GDC Vault Studio Subscriptions can receive access for their entire office or company by contacting staff via the GDC Vault group subscription page. Finally, current subscribers with access issues can contact GDC Vault technical support.
Gamasutra and GDC are sibling organizations under parent UBM Tech