Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Google details Chrome browser security-testing technology

'ClusterFuzz' is an industrial-strength system the company uses to check for holes in the browser

Since late last year, Google has been using an industrial-strength testing system to identify, analyze and fix security holes in its Chrome browser, helping it significantly cut down on the number of vulnerabilities that slip through to the most recent version product in production.

Google calls the system ClusterFuzz. It's made up of "several hundred" virtual machines loaded with about 6,000 Chrome instances, subjecting them to about 50 million test cases every day, the company said on Thursday.

The system's capacity is projected to quadruple in the coming weeks. Since its full deployment late last year, ClusterFuzz has flagged 95 unique vulnerabilities, 44 of which were fixed before making it into the most recent stable release of the browser, according to a Google blog post.

In addition to benefiting users of the product, the detections also help open-source software used by Chrome like WebKit and FFmpeg, because Google submits vulnerability reports to their project teams.

In addition to running the tests and detecting browser crashes, ClusterFuzz is also used to manage the distribution of test cases, analyze the crashes to determine if they involve a security hole that can be exploited, and verify if a vulnerability has been properly fixed.

Juan Carlos Perez covers enterprise communication/collaboration suites, operating systems, browsers and general technology breaking news for The IDG News Service. Follow Juan on Twitter at @JuanCPerezIDG.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: Google, IDG
References show all
Comments are now closed.
Related Whitepapers
Latest Stories
Community Comments
Latest Blog Posts
Whitepapers
  • Swiss Nuclear Power Plant Improves Business Continuity
    Learn how Kernkraftwerk Leibstadt (KKL), a Swiss nuclear power plant, achieved 95% virtualization with 50% fewer servers in just two months by implementing a Vblock System. The solution ensures that KKL can reliably deliver the continuous electricity supply safely and cost effectively.
    Learn more »
  • Information Management
    Valuable data can be a needle in a haystack, but by leveraging the value in existing information assets, organisations can generate real and achievable gains in revenue generation, IT investments and productivity gains. This whitepaper discusses how Information Management (IM) is a multi-faceted discipline that can be employed to meet or exceed your business objectives.
    Learn more »
  • Case Study: Fox Sports
    Fox Sports Australia needed a way to deal with explosive data growth while moving to a new purpose-built studio and production facility. Read how an internal private broadcaster helped the broadcaster meet these challenges while savings costs, decreasing system implementation time and reducing IT support calls by 75%.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Latest Jobs
Salary Calculator

Supplied by

View the full Peoplebank ICT Salary & Employment Index

Recent comments

Computerworld
ARN
Techworld
CMO