 Hey, my name is Fernando and I'm a technical marketing manager here at GitLab. Today I'm going to show you fuzz testing and how it can benefit you. Fuzz testing automates providing invalid, unexpected, or random data as inputs to your application. Individual functions of your application can also be fuzz tested in order to find vulnerabilities before the application is even complete. The application is then monitored for errors such as crashes, failing code assertions, or potential memory leaks, all which can cause security issues. Here's the project set up with fuzz testing. In order to enable fuzz testing, we add the coverage template to the GitLab CI YAML. We create a job to tell the fuzzer how to run on our application. Each fuzzer is application specific and each programming language uses a different fuzzing library. For more information on this, see the links in the description. This is the file which contains the fuzzer. Here random data is passed to the parse complex dot parse function. Since this is a Java application, it's set up using JQF for fuzz testing. Fuzz testing helps you find issues or vulnerabilities that other QA processes may have missed. By adding it to the CI CD pipeline and running it on a feature branch, you can find these issues before they make their way to production. GitLab makes it easy to add coverage guided fuzz testing to your CI CD pipeline. Once fuzz testing has been configured, the pipeline runs and gathers up the fuzz testing results. These results can be downloaded or directly viewed on your browser. Looking at the results of the fuzz testing job, we can see a few items. There is a JSON artifact which contains all the issues detected. Then there's the corpus folder which contains all the test cases from previous runs. And then there's the crashes folder which contains all the crashes from previous runs. The JSON artifact provides information on the issues detected by fuzz testing. Here we see an index out of bounds issue which calls the application to crash. This leads us to examine the code the fuzzer calls. You can see that the function checks if data dot length is greater than four, but it fails to check if data dot length is less than four, which would throw an out of bounds error. This is something the developer missed which fuzz testing detected. Thanks for watching. For more information on fuzz testing in GitLab, see the links in the description. Be sure to subscribe. Here at GitLab, everyone can contribute.