AST

CI Rewind - Historical Vulnerabilities in the Automotive Space

Mar 17, 2023 By Code Intelligence In Code Intelligence

Join our CI Rewind and Learn how to Identify and Fix Common Bugs in Automotive Software In this replay of his talk at FuzzCon Europe - Automotive Edition 2022, CARIAD's Andreas Weichslgartner shows how contemporary software engineering can help to write more secure code and detect vulnerabilities already during development. He revisits historical vulnerabilities in the automotive space and take a look at common classes of bugs present in embedded software.

View Video

Code Intelligence

AST
Security

Read more about CI Rewind - Historical Vulnerabilities in the Automotive Space

Mend SAST Administration - User Interface Walkthrough

Mar 15, 2023 By Mend In Mend

Mend SAST is a SAST (Static Application Security Testing) solution for performing deep and extensive security analysis of application source code. Mend SAST is easy to use, requires almost no user input, and can be deployed during or after development with easy integration into a DevOps environment and CI/CD pipeline. The solution provides an excellent way to automate code inspection as an alternative to the demanding and time-consuming procedure of manual code reviews. Mend SAST supports all major languages and their frameworks, from Android Java to Xamarin C#.

View Video

Mend

Read more about Mend SAST Administration - User Interface Walkthrough

11 Tips for Unit Testing in Java

Mar 14, 2023 By Josh Grant In Code Intelligence

Unit testing is an important part of software development and is considered a crucial step in ensuring the quality and accuracy of the code. It helps in identifying bugs and issues early on in the development cycle, which ultimately results in delivering high-quality software. Java is renowned for being one of the most versatile languages in programming, and it offers a wide selection of unit testing frameworks and tools.

Read Post

Code Intelligence

Read more about 11 Tips for Unit Testing in Java

Securing a GraphQL API

Mar 10, 2023 By Code Intelligence In Code Intelligence

View Video

Code Intelligence

Read more about Securing a GraphQL API

Static analysis + penetration testing = More than the sum of their parts

Mar 10, 2023 By Phil Odence In Synopsys

Static analysis + penetration testing delivers a powerful punch in any software due-diligence effort. In the world of tech merger and acquisition (M&A) transactions, timing is everything. It’s important for prospective buyers and investors to understand as much of the target’s software assets’ security, quality, and legal posture as possible in a brief amount of time. This drives the need to conduct multiple assessments on a target’s code simultaneously.

Read Post

Synopsys

Read more about Static analysis + penetration testing = More than the sum of their parts

We are open sourcing our SAST solution!

Mar 7, 2023 By Guillaume Montard In Bearer

For the last two years, we’ve been quietly building a new kind of static application security testing (SAST) solution that allows security and engineering teams to assess, prioritize, and remediate security risks and vulnerabilities in their code by what matters most - sensitive data. Today, we are officially announcing its release as an Open Source project, Bearer.

Read Post

Bearer

Read more about We are open sourcing our SAST solution!

CI Rewind - Introduction to JavaScript Fuzzing

Mar 3, 2023 By Code Intelligence In Code Intelligence

JavaScript is widely used in backend and frontend applications that rely on trust and good user experience, including e-commerce platforms, and consumer-apps. Fuzz testing helps secure these applications against bugs and vulnerabilities that cause downtime and other security issues, such as Crashes, Denial-of-Service (DoS) and Uncaught Exceptions. In this session, you will learn about.

View Video

Code Intelligence

Read more about CI Rewind - Introduction to JavaScript Fuzzing

SAST Tools: How to Integrate and Scale Security Workflows in the SDLC

Feb 28, 2023 By Juan In Veracode

Static Application Security Testing (SAST) tools present a significant opportunity for organizations looking to reduce application security risk. However, not all workflows or tools are created equal. Using the right SAST tools at the right times, you can seamlessly integrate and scale security workflows throughout the software development lifecycle (SDLC).

Read Post

Veracode

Read more about SAST Tools: How to Integrate and Scale Security Workflows in the SDLC

Fuzzing in Jest - One Unified Workflow for Functional and Security Testing

Feb 24, 2023 By Code Intelligence In Code Intelligence

In this coding session, fuzzing expert Josh Grant will demo how the integration of Jazzer.js into Jest enables a unified workflow for functional and security testing in JavaScript. All with the familiar look and feel of a unit test.

View Video

Code Intelligence

Read more about Fuzzing in Jest - One Unified Workflow for Functional and Security Testing

7 Battle-Tested Tips for Using a DAST Scanner

Feb 22, 2023 By Aurore Inara In Spectral

While modern web applications are growing in complexity, the threat landscape is also constantly evolving. It can be difficult for developers to identify and remediate vulnerabilities in their code, especially if they need more expertise in security. As a result, manual application security testing has become ever more challenging and intricate.

Read Post