%term

7 Battle-Tested Tips for Using a DAST Scanner

Feb 22, 2023 By Aurore Inara In Spectral

While modern web applications are growing in complexity, the threat landscape is also constantly evolving. It can be difficult for developers to identify and remediate vulnerabilities in their code, especially if they need more expertise in security. As a result, manual application security testing has become ever more challenging and intricate.

Read Post

Spectral

Read more about 7 Battle-Tested Tips for Using a DAST Scanner

Code Intelligence Integrates with Jest to Enable Developers to Test JavaScript for Vulnerabilities

Feb 16, 2023 By Code Intelligence In Code Intelligence

Developers who run unit tests in Jest can now test their JavaScript applications for bugs and security vulnerabilities, including remote code execution, cross-site scripting, and injections.

Read Post

Code Intelligence

Read more about Code Intelligence Integrates with Jest to Enable Developers to Test JavaScript for Vulnerabilities

Automated Fuzzing | How You Can Find the Log4j Vulnerability in Less Than 10 Minutes

Feb 10, 2023 By Code Intelligence In Code Intelligence

While most developers rely on unit testing to test whether their application behaves as expected, complementary testing approaches such as automated fuzz testing can enable them to also check their applications for unexpected or strange behaviors that could lead to crashes and make them vulnerable to Denial of Service (Dos) attacks or Zero-Day exploits, or Remote Code Execution (RCE) attacks such as the recent Log4j vulnerability.

View Video

Code Intelligence

Read more about Automated Fuzzing | How You Can Find the Log4j Vulnerability in Less Than 10 Minutes

How to Fuzz JavaScript with Jest and Jazzer.js

Feb 10, 2023 By Khaled Yakdan In Code Intelligence

In this post, we will show how you can write fuzz tests for your JavaScript projects in Jest as easily as regular unit tests. To make this possible, we have added integration for Jazzer.js into Jest, which enables you to write fuzz tests using the familiar Jest API. Additionally, you get great IDE support with features such as debugging and test coverage reporting out-of-the-box. This integration enables a smooth user experience with the advanced fuzzing technology provided by Jazzer.js.

Read Post

Code Intelligence

Read more about How to Fuzz JavaScript with Jest and Jazzer.js

How CI/CD-Integrated Fuzzing Improves Automotive Software Security

Feb 10, 2023 By Daniel Teuchert In Code Intelligence

As vehicles are becoming increasingly dependent on software, automotive software teams are adopting CI/CD (continuous integration and continuous deployment/delivery). This enables them to build, test, and deploy code faster than ever while simultaneously reducing potential maintenance costs. In automotive projects, functional and security bugs can be highly consequential, especially if they are found in the later stages of software development or, even worse, after shipping.

Read Post

Code Intelligence

Read more about How CI/CD-Integrated Fuzzing Improves Automotive Software Security

Code Intelligence and Google Collaborate to Secure the Open-Source JavaScript Landscape

Feb 8, 2023 By Code Intelligence In Code Intelligence

Collaboration will allow open-source developers to continuously test their JavaScript components for bugs and vulnerabilities, and assist them in writing more secure and reliable code.

Read Post

Code Intelligence

Read more about Code Intelligence and Google Collaborate to Secure the Open-Source JavaScript Landscape

How To Do Unit Testing In Java

Feb 8, 2023 By Josh Grant In Code Intelligence

Unit testing is a crucial aspect of software development and helps to ensure that individual units of code are working as intended. In Java, the most popular framework for unit testing is JUnit. In this article, we will go over the basics of how to write and run unit tests in Java using the popular testing framework, as well as some best practices for unit testing.

Read Post

Code Intelligence

Read more about How To Do Unit Testing In Java

How to build a unified workflow for functional and security testing using JUnit

Feb 6, 2023 By Code Intelligence In Code Intelligence

How to build a unified workflow for functional and security testing using JUnit

View Video

Code Intelligence

AST
Security

Read more about How to build a unified workflow for functional and security testing using JUnit

Should your team really run DAST in staging environments?

Feb 2, 2023 By Rickard Carlsson In Detectify

TL;DR: There is a common belief that when it comes to uncovering bugs in the DevSecOps cycle, catching things early on is often better. While this approach certainly works well for Software Composition Analysis (SCA) and Static Application Security Testing (SAST), it doesn’t really apply to Dynamic Application Security Testing (DAST) in modern environments.

Read Post

Detectify

Read more about Should your team really run DAST in staging environments?

Unit Testing vs Fuzz Testing - Two Sides of the Same Coin?

Jan 30, 2023 By Josh Grant In Code Intelligence

Most developers, including myself, have written unit tests before. Fuzz testing on the other hand has only started seeing widespread industry usage in recent years. Yet, some voices are already praising fuzz testing as the more effective approach, due to its ability to automatically generate negative and invalid test inputs. Let's put this claim to the test and see how these two approaches match up.

Read Post