<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
		>
<channel>
	<title>Comments on: Book Review:</title>
	<atom:link href="http://paco.to/2009/book-review/feed" rel="self" type="application/rss+xml" />
	<link>http://paco.to/2009/book-review</link>
	<description>My Random Musings and Rants</description>
	<lastBuildDate>Thu, 17 Jun 2010 16:12:46 -0400</lastBuildDate>
	<generator>http://wordpress.org/?v=2.8.4</generator>
	<sy:updatePeriod>hourly</sy:updatePeriod>
	<sy:updateFrequency>1</sy:updateFrequency>
		<item>
		<title>By: Ari Takanen</title>
		<link>http://paco.to/2009/book-review/comment-page-1#comment-1634</link>
		<dc:creator>Ari Takanen</dc:creator>
		<pubDate>Fri, 24 Apr 2009 18:47:55 +0000</pubDate>
		<guid isPermaLink="false">http://paco.to/?p=316#comment-1634</guid>
		<description>Thanks Paco! I added a link to the review on the book web site: http://www.fuzz-test.com/

Some comments on the &quot;Not-So-Good&quot;:

Motherhood and apple pie things were included so that the book can be used as a course book. For some unlucky (or reluctant to learn) people, just giving links will not help much.

Product comparisons were actually originally intended to be scattered around, to teach some other aspect in relation to fuzzing, rather than just focus too much on data that will be outdated fast. One chapter was still dedicated to just plain product comparison (thanks to Charlie Miller). Do not take that chapter as a fact though, as most open source and commercial tools develop rather fast, whereas others have already been abandoned for some reason. Things really develop fast in this market. For example, Codenomicon tools used in the comparison were already previous generation when the book came out.

Fuzzing is &quot;über alles&quot;! At least for the intended audience. The guys who do have access to source code (which does not usually include security auditors and testers) definitely need to look at static analysis also. That was out of scope for this book.

In short, in everything we did in the book, the purpose was that the book is equally valid five or ten years from now.</description>
		<content:encoded><![CDATA[<p>Thanks Paco! I added a link to the review on the book web site: <a href="http://www.fuzz-test.com/" rel="nofollow">http://www.fuzz-test.com/</a></p>
<p>Some comments on the &#8220;Not-So-Good&#8221;:</p>
<p>Motherhood and apple pie things were included so that the book can be used as a course book. For some unlucky (or reluctant to learn) people, just giving links will not help much.</p>
<p>Product comparisons were actually originally intended to be scattered around, to teach some other aspect in relation to fuzzing, rather than just focus too much on data that will be outdated fast. One chapter was still dedicated to just plain product comparison (thanks to Charlie Miller). Do not take that chapter as a fact though, as most open source and commercial tools develop rather fast, whereas others have already been abandoned for some reason. Things really develop fast in this market. For example, Codenomicon tools used in the comparison were already previous generation when the book came out.</p>
<p>Fuzzing is &#8220;über alles&#8221;! At least for the intended audience. The guys who do have access to source code (which does not usually include security auditors and testers) definitely need to look at static analysis also. That was out of scope for this book.</p>
<p>In short, in everything we did in the book, the purpose was that the book is equally valid five or ten years from now.</p>
]]></content:encoded>
	</item>
</channel>
</rss>
