Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

December 2021

Bug Detectors for log4j Are Now Available in Google's OSS-Fuzz

To help contain the damages that arise from the log4j vulnerability, Code Intelligence collaborated with Google’s Open Source Security Team. Together, we implemented effective bug detectors for Remote Code Execution Vulnerabilities (RCEs) to Google’s open source fuzzing framework, OSS-Fuzz.

Continuous REST API Testing With CI Fuzz

CI Fuzz is a platform for automated security testing that aims to enable developers to ship secure software fast. The platform empowers development teams to automatically deploy continuous REST API security tests with each pull request. Since it enables the instrumentation of entire web service environments, CI Fuzz can create test inputs that are guided by code coverage. This enables it to uncover complex vulnerabilities and edge cases that other tools often overlook.

Fuzz Testing in International Aerospace Guidelines

For obvious reasons, civilian aerospace is steeped in safety regulations. Long-standing international governing bodies mandate and oversee the specification, design, and implementation of civil avionics such that failure conditions that could lead to safety hazards are identifiable, assessed, and mitigated.