Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

August 2024

code intelligence

Understanding Out-of-Bounds Memory Access Vulnerabilities and Detecting Them with Fuzz Testing

Aug 22, 2024 By Khaled Yakdan In Code Intelligence
Out-of-bounds memory access, also known as buffer overflow, occurs when a program tries to read from or write to a memory location outside the bounds of the memory buffer that has been allocated for it. This type of vulnerability is particularly dangerous because it can lead to various issues, including crashes, data corruption, sensitive data leaks, and even the execution of malicious code.
Read Post

Detecting Out-of-Bounds Memory Access, Which Caused The Crowdstike's Incident

Aug 14, 2024 By Code Intelligence In Code Intelligence
The Crowdstrike incident is a recent example of out-of-bounds memory access in C/C++ causing a crash. CrowdStrike reported that problematic content in Channel File 291 triggered an out-of-bounds memory read, leading to a Windows operating system crash (BSOD). Another critical example with the exact root cause is the Heartbleed vulnerability, which affected the OpenSSL library. Remarkably, fuzz testing could identify this issue in less than 10 seconds. Watch the video to see fuzz testing in action.
View Video
code intelligence

The V-model and its role in testing embedded software

Aug 8, 2024 By Natalia Kazankova In Code Intelligence
Embedded software development presents unique challenges due to its close integration with hardware, strict real-time requirements, and the need for high reliability and safety. The V-Model, also known as the Verification and Validation model, offers a structured approach that effectively addresses these challenges. This blog post delves into the V-Model's intricacies and elucidates how it enhances the testing of embedded software.
Read Post
code intelligence

Top 5 reasons to fuzz embedded systems

Aug 2, 2024 By Natalia Kazankova In Code Intelligence
One of the most effective security testing methods for embedded systems is fuzz testing. It’s the fastest way to identify memory corruption errors and their root cause. It enables a shift-left testing approach, recommended by many industry standards, and reaches up to 100% code coverage. Read on for the details.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.