Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Announcing Jit's Integration with Bright Security: Dev-Centric DAST Meets Unified Security Prioritization

We’re excited to announce Jit’s new integration with Bright Security, a best-of-breed DAST solution built for developers. This integration brings Bright’s accurate, low-noise security testing into Jit’s unified product security platform—so your AppSec team and developers can manage, prioritize, and remediate vulnerabilities from one centralized backlog. The problem?

Introducing Jit's Seamless Integration with the Checkmarx One SAST Solution

Balancing security and developer experience has always been a challenge. On one hand, teams need best-of-breed security scanners to minimize false positives and surface the most critical vulnerabilities. On the other, too many disparate security tools create complexity, slowing developers down. The key to effective security is combining best-in-class scanning with a unified and intuitive developer experience.

Announcing Jit's Customizable SAST Rulesets: Detect Security Issues Unique to Your Environment

We’re excited to announce Jit's Customizable SAST Rulesets, a powerful new feature that allows AppSec and DevOps teams to create and manage custom Semgrep rules tailored to their specific security needs. With Jit orchestrating Semgrep scans across the entire codebase and continuously analyzing every code change, teams can now ensure security gaps are identified and addressed before they reach production.

Jit + Semgrep Code: Unifying Best-in-Class SAST with Complete Product Security

We’re excited to announce Jit’s integration with Semgrep Code, bringing best-of-breed static application security testing (SAST) into Jit’s complete product security platform. This integration makes it easier than ever for security teams to detect, unify, and prioritize code security vulnerabilities alongside other product security risks.

AI-automated Fuzzing Found a Dynamic Stack Buffer Overflow in abseil-cpp

A dynamic stack buffer overflow vulnerability in the Abseil C++ library (abseil-cpp) was autonomously identified through AI-enhanced fuzz testing using CI Fuzz’s AI Test Agent and has been fully addressed with a patch. This post dives into the vulnerability, its discovery, and its implications for systems relying on this widely-used library.

Spark Demo: Code Intelligent's AI Test Agent

Demo: AI Test Agent in Action Discover the benefits of CI Fuzz 2.0, our powerful tool that simplifies fuzzing to a single command. The demo will also highlight root cause analysis capabilities, showcasing how vulnerabilities can be identified and addressed efficiently, this demo will uncover several real-world severe vulnerabilities uncovered by AI Test Agent in widely used open-source libraries during the past few months.

Fuzzing Forward: Lowering Barriers to Secure Code with AI

Introducing “Spark” Code Intelligence’s AI Test Agent Fuzz testing is a proven powerhouse for uncovering critical bugs, yet its full potential often goes untapped due to the heavy manual workload it demands. But what if that effort could be a thing of the past? Enter “Spark” Code Intelligence’s AI Test Agent—a revolutionary solution that automates the discovery of vulnerabilities, bringing the power of advanced security testing, like fuzzing, into reach for all.

How AI-Automated Fuzzing Uncovered a Vulnerability in wolfSSL

Despite wolfSSL’s rigorous software testing practices, in October 2024, Code Intelligence—an application security vendor—discovered a potentially exploitable defect in wolfSSL. Remarkably, the potential vulnerability was found without human intervention. The only manual step was executing a single command to trigger autonomous fuzz testing. Watch the video for a live demo of AI-automated fuzzing.

AI-Automated Fuzzing Found a Heap Buffer Overflow in AWS C Common Library

A critical heap buffer overflow vulnerability in the AWS C Common library was discovered autonomously through an AI-automated fuzz testing solution, CI Fuzz, and has been fully addressed with a patch. In this post, we explore the vulnerability and its potential impact on embedded systems.

How AI Test Agent autonomously finds bugs

A few weeks ago, we introduced Spark, an AI Test Agent that autonomously uncovers bugs in unknown code with just a single command. Watch the video to see how Spark generated 3 successful fuzz tests, identified a severe vulnerability, and achieved 79% code coverage with just one command. Spark has already identified several real-world vulnerabilities in open-source projects, even those that are continuously fuzzed.