Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Code Intelligence

code intelligence

Understanding, detecting, and fixing buffer overflows: a critical software security threat

Oct 22, 2024 By Natalia Kazankova In Code Intelligence
Buffer overflows are one of the oldest and most dangerous vulnerabilities in software security. A heap buffer overflow was the second most exploited vulnerability in 2023. Over the years, it has enabled countless attacks, often with severe consequences, such as Cloudbleed in 2017. Despite advances in security practices, buffer overflows continue to pose significant risks, especially in software written in low-level languages like C and C++.
Read Post
code intelligence

Code Intelligence Launches Classic AUTOSAR Simulator for Scalable Testing and Early Detection of Vulnerabilities, Reducing Hardware Dependency in Automotive Testing

Oct 2, 2024 By Code Intelligence In Code Intelligence
AUTOSAR Simulator Enables Automotive Suppliers to Test Complete AUTOSAR Systems for Security Issues and Bugs Without Hardware.
Read Post
code intelligence

How to detect more bugs in AUTOSAR Applications and enable SiL testing by using a simulator

Oct 2, 2024 By Khaled Yakdan In Code Intelligence
Testing Classic AUTOSAR applications has long been a significant challenge due to the reliance on hardware-in-the-loop (HiL) setups, which are costly, complex, and hard to scale. Code Intelligence’s new lightweight AUTOSAR simulator revolutionizes this process by enabling entire AUTOSAR applications to run on x86 Linux systems, thus facilitating software-in-the-loop (SiL) testing.
Read Post
code intelligence

Understanding Out-of-Bounds Memory Access Vulnerabilities and Detecting Them with Fuzz Testing

Aug 22, 2024 By Khaled Yakdan In Code Intelligence
Out-of-bounds memory access, also known as buffer overflow, occurs when a program tries to read from or write to a memory location outside the bounds of the memory buffer that has been allocated for it. This type of vulnerability is particularly dangerous because it can lead to various issues, including crashes, data corruption, sensitive data leaks, and even the execution of malicious code.
Read Post

Detecting Out-of-Bounds Memory Access, Which Caused The Crowdstike's Incident

Aug 14, 2024 By Code Intelligence In Code Intelligence
The Crowdstrike incident is a recent example of out-of-bounds memory access in C/C++ causing a crash. CrowdStrike reported that problematic content in Channel File 291 triggered an out-of-bounds memory read, leading to a Windows operating system crash (BSOD). Another critical example with the exact root cause is the Heartbleed vulnerability, which affected the OpenSSL library. Remarkably, fuzz testing could identify this issue in less than 10 seconds. Watch the video to see fuzz testing in action.
View Video
code intelligence

The V-model and its role in testing embedded software

Aug 8, 2024 By Natalia Kazankova In Code Intelligence
Embedded software development presents unique challenges due to its close integration with hardware, strict real-time requirements, and the need for high reliability and safety. The V-Model, also known as the Verification and Validation model, offers a structured approach that effectively addresses these challenges. This blog post delves into the V-Model's intricacies and elucidates how it enhances the testing of embedded software.
Read Post
code intelligence

Top 5 reasons to fuzz embedded systems

Aug 2, 2024 By Natalia Kazankova In Code Intelligence
One of the most effective security testing methods for embedded systems is fuzz testing. It’s the fastest way to identify memory corruption errors and their root cause. It enables a shift-left testing approach, recommended by many industry standards, and reaches up to 100% code coverage. Read on for the details.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.