Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

AST

code intelligence

Mock Testing Embedded Systems With Fuzz Data

Nov 24, 2022 By Josh Grant In Code Intelligence

Mock testing, also called mocking, is an integral part of the embedded software development process as it allows you to test your code without relying on actual hardware. This can be extremely helpful when trying to debug your code or test new features. During fuzzing testing, applications are tested using unexpected or invalid inputs. Modern fuzzers generate these inputs based on feedback about the SUT’s interaction with previous test inputs.

Read Post

How To Improve Automotive Security | FuzzCon Europe - Automotive Edition 2022

Nov 23, 2022 By Code Intelligence In Code Intelligence
Victor Marginean from Argus Cyber Security will speak about the importance of end-to-end security verification, including fuzzing on SW and real interfaces. He will present how this can be used as a pillar integrated as part of the CI/CD and how it can also be monitored from the Vehicle Security Operating Centers used by OEMs. Victor presented this talk at FuzzCon Europe - Automotive Edition 2022. Learn more about this and more talks at fuzzcon.eu.
View Video

Fuzzing beyond Cybersecurity | FuzzCon Europe - Automotive Edition 2022

Nov 23, 2022 By Code Intelligence In Code Intelligence
In their talk, René Palige and Rosemary Joshy from Continental will share some insights on how they utilized fuzzing to improve overall software quality and how this can be integrated into existing verification and validation processes. They will further describe some of their experiences while applying coverage-guided fuzzing in ongoing automotive projects, what challenges they faced and how they overcame them.
View Video

Historical Vulnerabilities in the Automotive Space | FuzzCon Europe - Automotive Edition 2022

Nov 23, 2022 By Code Intelligence In Code Intelligence
In this talk, Andreas Weichslgartner from CARIAD will show how contemporary software engineering can help to write more secure code and detect vulnerabilities already during development. He will revisit historical vulnerabilities in the automotive space and take a look at common classes of bugs present in embedded software. Using these examples, he will show how modern programming language evolution and tooling can tackle and prevent these issues.
View Video
code intelligence

The Benefits of Negative Testing in Software Testing

Nov 23, 2022 By Josh Grant In Code Intelligence

In software testing, negative testing refers to the practice of feeding a system with unexpected or invalid inputs. Given an input field that accepts numeric values from 0-100, positive tests would assess if the application does what it's supposed to do, given input values such as "1", "2" or "99".

Read Post

Bridging the Gaps of Grey-box Fuzzing | FuzzCon Europe - Automotive Edition 2022

Nov 23, 2022 By Code Intelligence In Code Intelligence
Li Yuekang from NTU Singapore, & Dr. Sheikh Mahbub Habib from Continental present this talk. Software testing typically requires these three steps: Researchers have been focusing on improving the test case generation and execution feedback analysis while the topic of target program execution is under-studied, because executing the target program seems to be an easy task. However, through industry practice, they find that target program execution can be challenging for libraries or IoT software.
View Video
mend

SAST - All About Static Application Security Testing

Nov 16, 2022 By Ayala Goldstein In Mend

Static Application Security Testing (SAST) has been a central part of application security efforts for more than 15 years. Forrester’s State Of Application Security Report, 2022 found that lacking application security remains a leading cause of external security breaches, so it’s safe to say that SAST will be in use for the foreseeable future. Contents hide 1 What Is SAST? 2 Why do we need SAST? 3 What problems does SAST address? 4 How does SAST work?

Read Post
mend

SAST - All About Static Application Security Testing

Nov 16, 2022 By Adam Murray In Mend

Static Application Security Testing (SAST) has been a central part of application security efforts for more than 15 years. Forrester’s State Of Application Security Report, 2022 found that lacking application security remains a leading cause of external security breaches, so it’s safe to say that SAST will be in use for the foreseeable future.

Read Post
code intelligence

Embedded Testing Tools: A Comprehensive Guide

Nov 14, 2022 By Josh Grant In Code Intelligence

Due to increasing connectivity and dependencies, modern embedded applications in many industries including automotive, aviation, and even automated cow brushes (no joke) are constantly growing more complex. This complexity comes with implications for embedded testing tools and requires plenty of manual effort, depending on the toolchain. From an operational perspective, many embedded industries are tightly staffed and work in long cycles with strict deadlines.

Read Post
Subscribe to AST

Copyright © 2024 OpsMatters™. All rights reserved.