What vulnerability assessment method involves entering malformed data at data entry points?

Fuzz testing is a vulnerability assessment method that intentionally inputs malformed, corrupted, or random data into a program, particularly at data entry points, to uncover potential vulnerabilities and software bugs. This technique helps in identifying how the application handles unexpected or invalid input and can reveal weaknesses that could be exploited by attackers. By observing the behavior of the program during these tests, security professionals can determine if the application fails gracefully or if it exposes vulnerabilities such as crashes, memory leaks, or security loopholes.

Fuzz testing is particularly effective because many programs are not designed to handle unexpected inputs robustly, making it a valuable method in the software security testing toolbox. It does not involve the systematic scanning of systems or their components, focusing instead on the interaction with data inputs, setting it apart from other methods mentioned.