At the 6th de:hub Pitch Night, an event celebrating innovation and digital transformation, Code Intelligence was honored with the prestigious German AI Award. This recognition, awarded by a distinguished jury of industry experts and investors, underscores Code Intelligence’s pivotal role in advancing software security through artificial intelligence.

Fuzz testing is most commonly classified based on its analysis approach. The two main categories of fuzz testing solutions are white-box and black-box fuzzers. In this blog, we explain the difference between approaches as well as their main features.

We are super excited to announce the discovery of a heap-based use-after-free vulnerability in wolfSSL, identified through a fuzz test automatically generated by an AI Test Agent. This marks another milestone in advancing automated security testing and demonstrates the power of AI-driven tools to improve software reliability and safety.

White-box fuzz testing has proven highly effective in finding critical bugs and vulnerabilities. Tech giants like Google and Microsoft uncover thousands of issues using this method. But why doesn’t every company adopt fuzz testing as part of their testing strategy? The main barrier is the high level of manual effort and the extensive time required to properly set it up and maintain it.

The market of embedded computing has been growing constantly, and this trend is expected to continue in the near future. Notably, embedded systems are key components for the Internet of Things (IoT) and for Cyber Physical Systems (CPSs). In the embedded software industry, secure software development is critical. This is especially true because embedded software often involves vital industries, such as medical devices or automotive solutions.

We are beyond excited to share some fantastic news with our community: Jazzer is now fully open source again under the Apache 2.0 license!

Buffer overflows are one of the oldest and most dangerous vulnerabilities in software security. A heap buffer overflow was the second most exploited vulnerability in 2023. Over the years, it has enabled countless attacks, often with severe consequences, such as Cloudbleed in 2017. Despite advances in security practices, buffer overflows continue to pose significant risks, especially in software written in low-level languages like C and C++.

Testing Classic AUTOSAR applications has long been a significant challenge due to the reliance on hardware-in-the-loop (HiL) setups, which are costly, complex, and hard to scale. Code Intelligence’s new lightweight AUTOSAR simulator revolutionizes this process by enabling entire AUTOSAR applications to run on x86 Linux systems, thus facilitating software-in-the-loop (SiL) testing.