Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Demo: AI Test Agent in Action Discover the benefits of CI Fuzz 2.0, our powerful tool that simplifies fuzzing to a single command. The demo will also highlight root cause analysis capabilities, showcasing how vulnerabilities can be identified and addressed efficiently, this demo will uncover several real-world severe vulnerabilities uncovered by AI Test Agent in widely used open-source libraries during the past few months.

Introducing “Spark” Code Intelligence’s AI Test Agent Fuzz testing is a proven powerhouse for uncovering critical bugs, yet its full potential often goes untapped due to the heavy manual workload it demands. But what if that effort could be a thing of the past? Enter “Spark” Code Intelligence’s AI Test Agent—a revolutionary solution that automates the discovery of vulnerabilities, bringing the power of advanced security testing, like fuzzing, into reach for all.

Despite wolfSSL’s rigorous software testing practices, in October 2024, Code Intelligence—an application security vendor—discovered a potentially exploitable defect in wolfSSL. Remarkably, the potential vulnerability was found without human intervention. The only manual step was executing a single command to trigger autonomous fuzz testing. Watch the video for a live demo of AI-automated fuzzing.

A few weeks ago, we introduced Spark, an AI Test Agent that autonomously uncovers bugs in unknown code with just a single command. Watch the video to see how Spark generated 3 successful fuzz tests, identified a severe vulnerability, and achieved 79% code coverage with just one command. Spark has already identified several real-world vulnerabilities in open-source projects, even those that are continuously fuzzed.

Testing Classic AUTOSAR applications has long been a significant challenge due to the reliance on hardware-in-the-loop (HiL) setups, which are costly, complex, and hard to scale. In this free webinar, Khaled Yakdan explains how a Tier-1 automotive supplier implemented Code Intelligence’s AUTOSAR simulator and enabled Software-in-the-Loop testing. Dr. Khaled Yakdan, Chief Product Officer, of Code Intelligence, also explains how this approach helps catch more critical bugs that can be accessed externally, speeds up security testing, and reduces hardware dependency.

In previous videos, you've seen that LLM can generate fuzz tests. But what if AI fails to produce a working test or to cover specific workflows that are unavailable as unit tests or usage examples in the code base? You can prompt AI to make changes. Here is how the "Interactive mode" works in CI Fuzz.

After generating fuzz tests with LLMs, the next important step is verifying that these tests are of high quality and ensuring they run and work as intended. CI Fuzz can now automatically build the generated fuzz test, run it, and perform a health check to assess its quality and refine it further if it doesn't pass the health check. Watch the video to see it in action.

Creating high-quality fuzz tests is essential for efficient fuzz testing. However, crafting these tests is a time-consuming, manual process, which has become a major barrier to the widespread adoption of fuzz testing. Watch the video to see how CI Fuzz can automatically generate high-quality fuzz tests by leveraging LLMs and static analysis.

The first step to start fuzzing is to identify what part of the software you want to fuzz. You definitely want to fuzz the most critical functions/APIs—those that exercise a significant amount of code and trigger key functionalities. However, manually identifying these targets can be time-consuming and challenging. Watch the video to see how CI Fuzz can automatically prioritize functions for fuzzing.

If you want to automate your code analysis to identify the best fuzzing targets, you can do so with CI Fuzz. In the previous video, Khaled demonstrated how CI Fuzz automatically prioritized functions to test. But what if you already have unit or fuzz tests? CI Fuzz can analyze an LCOV coverage report and identify less-covered functions. These functions will now receive higher scores, highlighting them as top targets for new tests.