Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

code intelligence

ISO/SAE 21434 compliance in 2024: what's new and how to act

Mar 18, 2024 By Sergej Dechand In Code Intelligence
Most modern vehicles are equipped with a variety of software systems and resemble sophisticated computers on wheels. The ISO/SAE 21434 standard is a framework that provides recommendations and requirements for secure software development in the automotive industry. But what is ISO 21434 exactly? And what can we expect from automotive software security in 2024? Read on and find out!
Read Post
code intelligence

Top 8 Cybersecurity Trends for 2024

Feb 13, 2024 By Josh Grant In Code Intelligence
In 2023, cyberthreats increased and diversified, resulting in increased security challenges for organizations around the globe. Meanwhile, AI greatly increased its presence in the realm of cybersecurity. It’s time to look ahead and focus on the anticipated cybersecurity threats and trends in 2024. What can we expect from threat actors and security specialists in the upcoming year? Read on and find out!
Read Post
code intelligence

7 Challenges of Embedded Software Security Testing in 2024

Jan 23, 2024 By Sergej Dechand In Code Intelligence
We live in a world that depends on embedded software. It’s in the cars we drive, the elevators we use and the planes we travel in. As these systems become increasingly complex, the security and functionality of embedded software systems is becoming integral to software development. However, due to the nature of embedded systems, many traditional testing methods fall short of providing adequate security for them.
Read Post
code intelligence

The Role of Cybersecurity Assurance Levels in ISO 21434

Jan 11, 2024 By Sergej Dechand In Code Intelligence
The automotive industry constantly evolves, particularly in software development. From electronic control units and hardware security modules to advanced driver-assistance systems (ADAS), the complexity and functionality of automotive software have increased exponentially. This has opened new frontiers in efficiency, safety, and user experience but also introduced significant security threats.
Read Post
code intelligence

Top 18 AI Testing Tools in 2024

Oct 26, 2023 By Alexander Thiam In Code Intelligence
The impact of AI tools on software development is starting to make itself felt. As the productivity of developers increases, so does the necessity for software testing. Luckily, AI is also seeing increasing adoption in testing, enabling dev teams to ensure robust and secure software despite increasing output. In this in-depth guide, we will explore the top 18 AI testing tools in 2023 that have the potential to take your testing processes to the next level. Overview.
Read Post
code intelligence

Breaking the Barrier of Dynamic Testing: Detect and Autoconfigure Entry Points With CI Spark

Sep 11, 2023 By Khaled Yakdan In Code Intelligence
Finding deeply hidden and unexpected vulnerabilities early in the development process is key. However, time to invest in proactive tests is limited. Prioritizing speed over security is common. Our new AI-assistant CI Spark closes this gap and enables both speed and security. CI Spark makes use of LLMs to automatically identify attack surfaces and to suggest test code. Tests generated by CI Spark work like a unit test that automatically generates thousands of test cases.
Read Post
code intelligence

New Vulnerability in tree-kit: Prototype Pollution - CVE-2023-38894

Aug 16, 2023 By Roman Wagner In Code Intelligence
The maintainers have already released an update fixing the issue. Versions before 0.7.5 are affected and thus vulnerable to Prototype Pollution. We strongly recommend that impacted users upgrade to the newer version that includes the fixes, i.e., version 0.7.5 and above.We have found a new Prototype Pollution vulnerability in the JavaScript package tree-kit in all versions before 0.7.5. The maintainer of tree-kit has released an update that fixed the issue on 21 July 2023.
Read Post
code intelligence

The Risks of AI-Generated Code

Aug 9, 2023 By Sergej Dechand In Code Intelligence
AI is fundamentally transforming how we write, test and deploy code. However, AI is not a new phenomenon, as the term was first coined in the 1950s. With the more recent release of ChatGPT, generative AI has taken a huge step forward in delivering this technology to the masses. Especially for development teams, this has enormous potential. Today, AI represents the biggest change since the adoption of cloud computing. However, using it to create code comes with its own risks.
Read Post
code intelligence

Code Intelligence Finds New Vulnerability in protobufjs: CVE-2023-36665

Jul 13, 2023 By Code Intelligence In Code Intelligence
As part of Code Intelligence's ongoing efforts to improve the security of open-source software it continuously tests open-source projects with its JavaScript fuzzing engine, Jazzer.js, in Google's OSS-Fuzz. Recently Code Intelligence uncovered a new Prototype Pollution vulnerability in protobufjs (CVE-2023-36665) using its newly integrated Prototype Pollution bug detector. The vulnerability puts affected applications at risks of remote code execution and denial of service attacks.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.