AST

Top Six Most Dangerous Vulnerabilities in C and C++

C and C++ programming are notorious for being bug-prone. Let’s look at the most dangerous software weaknesses in 2024 that are relevant for C and C++, so that you know what type of issues to test your code against in 2025. We examined the 2024 CWE Top 25 Most Dangerous Software Weaknesses list developed by Common Weakness Enumeration (CWE) and identified weaknesses relevant to C/C++. These weaknesses can become vulnerabilities. We explained how they occur and how you can uncover them.

Top Fuzz Testing Tools of 2025: Feature Comparison

In 2025, fuzz testing has become an essential practice for ensuring software security and reliability. By identifying vulnerabilities through randomized input testing, fuzzing helps development teams uncover bugs that traditional testing methods—such as static analysis and penetration testing—often miss. With rapid advancements in security tools, let’s explore the top fuzz testing tools of 2025, their key features, benefits, and how they compare.

AI-Powered Remediation: Mend SAST Performs +46% Better Than Competitors

Security teams face limited resources and a growing attack surface while developers struggle with security responsibilities that feel burdensome, annoying, or seem to conflict with their first priorities. AppSec teams turn to static application security testing (SAST) tools to identify vulnerabilities in first-party code early in the software development lifecycle while developers can still fix issues before the code is old and forgotten about.

Meet Spark, an AI Test Agent That Autonomously Uncovers Vulnerabilities

We’re thrilled to announce the general availability of Spark, an AI Test Agent that lowers the entry barrier to white-box fuzz testing. In this blog, we explain how Spark works and share the main results from its beta testing that prove its effectiveness.

Static Application Security Testing (SAST): What You Need to Know

Modern software applications operate within increasingly complex ecosystems, spanning multiple layers of the stack—from the user interface and application logic to APIs, databases, and third-party dependencies. Each layer introduces unique vulnerabilities, often requiring specialized domain expertise to identify and mitigate.

How Detectify embraces the best of both DAST and ASM

Below, we’ll take a look at how both DAST as a methodology and DAST as a tool relate to what we do at Detectify. More specifically, we’ll explain how Detectify’s solution applies DAST methodology to the full breadth of an attack surface, automating the heck out of application security testing. With these methods, we cover millions of domains before you’ve even had breakfast.

Code Intelligence Wins Prestigious German AI Award at de:hub Pitch Night 2025

At the 6th de:hub Pitch Night, an event celebrating innovation and digital transformation, Code Intelligence was honored with the prestigious German AI Award. This recognition, awarded by a distinguished jury of industry experts and investors, underscores Code Intelligence’s pivotal role in advancing software security through artificial intelligence.

Black Duck SCA & Coverity Static Analysis (SAST) Integrations with Amazon AWS CI Tools

DevOps teams are rearchitecting their applications from monoliths to microservices, fueled by containerization and CI/CD. As application development moves to the cloud, security testing tools must follow. Application security testing solutions by Black Duck support the CI/CD tools you already use, including AWS Developer Tools. Coverity static analysis identifies security and quality issues in code as it is being built. To invoke a Coverity scan in AWS CodeBuild, simply add the steps to your application’s build specifications.