https://github.com/cncf/cncf-fuzzing where questions and queries are welcome. 1 https://github.com/google/oss-fuzz Executive summary In this engagement, Ada Logics worked on creating a fuzzing suite for Dapr. first integrating Dapr into OSS-Fuzz and add fuzzers for important APIʼs of the Dapr eco system. At the end of the audit, all fuzzers are running continuously by way of OSS-Fuzz which will report if they and 3) Components-Contrib. Results summarised 39 fuzzers developed All fuzzers added to Daprs OSS-Fuzz integration Fuzzing covers the Dapr Runtime, Kit and Components-Contrib sub projects. 3 issues

and then adding a fuzzer for the affected component. We added a total of five fuzzers to Daprs OSS-Fuzz integration. These will continue to run continuously a�er the conclusion of the audit. An area Fuzzing During the audit, Ada Logics wrote five new fuzzers for Dapr. We added the fuzzers to Daprs OSS-Fuzz integration so that they run continuously a�er the audit concluded. This allows the fuzzers to run testing the latest master branch as it evolves to test whether new bugs get introduced. Short-term, OSS-Fuzz was of value, in that one of the fuzzers found a security vulnerability in a 3rd-party dependency