October 2022

Automotive Software - ISO 21434 Compliance Simplified

Oct 28, 2022 By Sergej Dechand In Code Intelligence

The modern vehicle comes equipped with a variety of software systems. Especially features that connect it to the outside world, such as online updates, fleet management and communication between vehicles, offer attack surface. The security of automotive software is crucial, not only because bug-induced call-backs are costly, but also because the well-being of passengers depends on it.

Read Post

Code Intelligence

Read more about Automotive Software - ISO 21434 Compliance Simplified

Automatically Detect Concurrency Issues in Automotive Software

Oct 28, 2022 By Code Intelligence In Code Intelligence

What to Expect CI Fuzz CLI is an open-source solution that lets you run feedback-based fuzz tests from your command line. Every developer can use it to find bugs and vulnerabilities with three simple commands. In this live stream, our expert Daniel will: All code examples and tools used are open-source.#c/c++ #fuzzing #security #opensource #automotive

View Video

Code Intelligence

Read more about Automatically Detect Concurrency Issues in Automotive Software

What Is Cross Site Scripting and How to Avoid XSS Attacks?

Oct 26, 2022 By Khaled Yakdan In Code Intelligence

Cross-site scripting has been at the top of the OWASP Top 10 for nearly a decade. In this article, we'll explore everything you need to know about XSS, the associated risks, and countermeasures you can take.

Read Post

Code Intelligence

Read more about What Is Cross Site Scripting and How to Avoid XSS Attacks?

Fuzzing Explained in 120 Seconds

Oct 26, 2022 By Code Intelligence In Code Intelligence

View Video

Code Intelligence

AST
Security

Read more about Fuzzing Explained in 120 Seconds

Code Intelligence Announces FuzzCon Europe - Automotive Edition 2022

Oct 25, 2022 By Code Intelligence In Code Intelligence

Online Event on November 17 Will Bring Together Leading Automotive Developers and Security Engineers.

Read Post

Code Intelligence

Read more about Code Intelligence Announces FuzzCon Europe - Automotive Edition 2022

Introduction to JavaScript Fuzzing | How to Write a Fuzz Test With Jazzer.js

Oct 21, 2022 By Code Intelligence In Code Intelligence

JavaScript is widely used in both backend and frontend applications. Crashes that cause downtime or other security issues are very common in NodeJS packages. Jazzer.js makes it easy for developers to find such edge cases. In this live stream, Norbert will show you how to secure JavaScript applications using the open-source fuzzer Jazzer.js.

View Video

Code Intelligence

Read more about Introduction to JavaScript Fuzzing | How to Write a Fuzz Test With Jazzer.js

How to Simplify Fuzz Testing for C++

Oct 20, 2022 By Jochen Hilgers In Code Intelligence

Today I want to show you a way to simplify fuzz testing for your C++ applications. If you read this article to the end, you will learn about an automated testing approach that can protect your applications against all sorts of memory corruptions and other security vulnerabilities.

Read Post

Code Intelligence

Read more about How to Simplify Fuzz Testing for C++

Remote Code Execution Vulnerability Discovered in HSQLDB

Oct 19, 2022 By Roman Wagner In Code Intelligence

19.10.2022 - As part of our goal to continuously improve our vulnerability detectors, we continuously test various open-source projects with Jazzer within OSS-Fuzz. In this case, a test run yielded a severe finding with a potential remote code execution in a HSQLDB (CVE-2022-41853).

Read Post

Code Intelligence

Read more about Remote Code Execution Vulnerability Discovered in HSQLDB

How to Set Up a Fuzz Test in Easy 6 Steps

Oct 18, 2022 By Code Intelligence In Code Intelligence

In this tutorial, I will show you how to set up and run a fuzz test on a C/C++ application, with the CI Fuzz CLI. The CI Fuzz CLI is an easy-to-use fuzzing tool, that enables you to integrate and run fuzz tests directly from your command line. I chose this tool for this tutorial, on how to set up a fuzz test, as it is particularly user-friendly, and as it allows developers to set up and run a fuzz test with only three commands.

View Video

Code Intelligence

AST
Security

Read more about How to Set Up a Fuzz Test in Easy 6 Steps

The 6 Biggest Challenges of REST API Testing

Oct 6, 2022 By Daniel Teuchert In Code Intelligence

Securing REST APIs is particularly difficult since they are highly interconnected and not designed for manual access. To save time and be more efficient, many developers rely on testing solutions that can automatically detect REST API endpoints and test parameter properties within them. In this article, I want to provide an overview of the 6 biggest challenges of REST API security testing and how test automation can help resolve them.

Read Post

Code Intelligence

Read more about The 6 Biggest Challenges of REST API Testing

How to Find Arbitrary Code Execution Vulnerabilities with Fuzzing

Oct 5, 2022 By Roman Wagner In Code Intelligence

Remember Log4j? Arbitrary code execution bugs are more common than you think, even in memory-safe languages, like Java. Learn how to find these vulnerabilities with fuzzing. Arbitrary code execution vulnerabilities represent one of the most dangerous classes of vulnerabilities in Java applications. Incidents such as Log4Shell clearly demonstrate the impact of these security issues, even in memory-safe languages. They also show that fuzzing can be very effective in finding these vulnerabilities.

Read Post

Code Intelligence

Read more about How to Find Arbitrary Code Execution Vulnerabilities with Fuzzing

Uncovering Hidden Bugs and Vulnerabilities in C/C++ | How to Fuzz Your Code With 3 Commands

Oct 5, 2022 By Code Intelligence In Code Intelligence

CI Fuzz CLI is an open-source solution that lets you run feedback-based fuzz tests from your command line. Every developer can use it to find bugs and vulnerabilities with three simple commands. In this stream, I will demonstrate: 1) How to cover the current state of fuzz testing 2) How to set up CLI fuzzing within 3 commands 3) How to uncover multiple bugs and severe memory corruption vulnerabilities

View Video

Code Intelligence

Read more about Uncovering Hidden Bugs and Vulnerabilities in C/C++ | How to Fuzz Your Code With 3 Commands

How to Fuzz Your Code With 3 Commands | Finding Hidden Bugs in C/C++

Oct 5, 2022 By Code Intelligence In Code Intelligence

CI Fuzz CLI is an open-source solution that lets you run feedback-based fuzz tests from your command line. Every developer can use it to find bugs and vulnerabilities with three simple commands. In this stream, our expert Jochen will demonstrate: cover the current state of fuzz testing set up CLI fuzzing within 3 commands uncover multiple bugs and severe memory corruption vulnerabilities All code examples and tools used are open-source.

View Video

Code Intelligence

AST
Security

Read more about How to Fuzz Your Code With 3 Commands | Finding Hidden Bugs in C/C++

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

October 2022

Automotive Software - ISO 21434 Compliance Simplified

Automatically Detect Concurrency Issues in Automotive Software

What Is Cross Site Scripting and How to Avoid XSS Attacks?

Fuzzing Explained in 120 Seconds

Code Intelligence Announces FuzzCon Europe - Automotive Edition 2022

Introduction to JavaScript Fuzzing | How to Write a Fuzz Test With Jazzer.js

How to Simplify Fuzz Testing for C++

Remote Code Execution Vulnerability Discovered in HSQLDB

How to Set Up a Fuzz Test in Easy 6 Steps

The 6 Biggest Challenges of REST API Testing

How to Find Arbitrary Code Execution Vulnerabilities with Fuzzing

Uncovering Hidden Bugs and Vulnerabilities in C/C++ | How to Fuzz Your Code With 3 Commands

How to Fuzz Your Code With 3 Commands | Finding Hidden Bugs in C/C++

Monthly Archive

Follow Us