Mozilla continues to build the Web as a platform for security which is a crucial part of our mission to move the Web forward as a platform for openness, innovation and opportunity for all. Today this platform for security is being advanced through Mozilla and BlackBerry collaborating on advanced automated security testing techniques known as fuzzing and Mozilla introducing Minion, an open source security testing platform intended to be used by developers and security professionals. These research efforts are some of the many ways Mozilla helps make the Web more secure and protect Firefox users. Mozilla and Blackberry Join Forces To Improve Web Security [blog.mozilla.org]
Mozilla and BlackBerry’s work on security research techniques are in the area of fault injection. Fault injection (also known as “fuzzing”) is a method of automated security testing that is used to identify potential security concerns that can be fixed before users are at risk. Fault injection is a testing technique where specially designed software is created to inject a variety of unexpected or malformed data into a specific application, program or area of code. The goal is to uncover areas where the software does not properly handle the malformed data. Through fault injection it is possible to identify potential security weaknesses that can be proactively addressed before there is ever a threat to users.