Menu
     Industry

    Telecommunication

     Department

    Test Center

     Size

    > 20 000 employees

     Location

    Bonn, Germany

    The Results

    Added Business Values

    Through the reduced manual effort, the test cycles speed up. Telekom security experts are now able to complete projects faster than ever and can also accept and deliver more new projects. Furthermore, even testers without security knowledge are now able to implement and conduct state-of-the-art security technology. 

     Cost Reduction 

    Saves 60% of developer time through the fully automated solution and easy-to-use IDE plugin.

     Increase in Productivity 

    Maximizes productivity of costly developers on programming code instead of hunting bugs and security issues.

     Easy Setup 

    Effortless setup of fuzzing for all software projects. The agnostic approach ensures seamless integration into the existing process landscape.

     Usable Modern Fuzzing 

    Modern software tests without expert knowledge, supported by preloaded settings and an intelligent execution engine.

    Rule of Ten
    Telekom
    "With Code Intelligence, securing your software can take new paths in terms of quality and efficiency."
    thomastschersich1
    Thomas Tschersich
    Chief Security Officer // Deutsche Telekom AG
    The Challenge

    Simplify the Use of Advanced Fuzzing Practices

    Telekom's success story begins with implementing feedback-based application security testing (FAST) in order to increase the security and quality of the tested software. The Telekom testing team has already been using open-source fuzzing tools such as AFL or libFuzzer for quite some time, but the testing experts also experienced pain points associated with the powerful but complex technology.

    Automate Manual Efforts

     Using open-source fuzzers involves a huge amount of manual effort (up to 3 weeks per project).

    Overcome High Complexity

     Open-source fuzzing tools like AFL or libFuzzer require advanced knowledge.

    Handle Lack of Security Experts

     Due to the lack of professionals on-the-job market, the department was not able to take on all incoming projects.

    Setup
    The Solution

    Fuzz Testing Platform CI Fuzz

    With this in mind, Telekom implemented CI Fuzz at the beginning of June 2019 as an easy-to-use testing platform for feedback-based fuzzing.

    Shortened Testing Time

      The use of CI Fuzz has already produced measurable results in a short time. Thanks to the simplified deployment of new test projects and the user-friendly interface, the Telecom Test Center is now able to test projects in a fraction of the time: one of the testers stated that the test time per project had fallen by 66%. 

    Advanced Bug Detection

     In addition, Code Intelligence has implemented structure-aware fuzzing as a new feature, resulting in increased efficiency of the fuzzing engine. Not only software bugs but also critical security vulnerabilities leading to CVEs (Common Vulnerabilities and Exposures) have been uncovered. 

    Screenshot of the CI Fuzz testing platform

    What The Future Holds

    Telekom and Code Intelligence are now working together on the roll-out of CI Fuzz to the entire Telekom corporation. The vision is to realize a „shift-left“ in the software development lifecycle (SDLC), so that feedback-based fuzzing is used not only around test centers but also already during software development. In this case, development teams can be supported in creating more secure software and the test center has more capacity for external assignments.

    What the Future Holds

    Get Started With CI Fuzz

    Talk to our developers to learn how the CI Fuzz testing platform can help you provide secure and reliable software.

    Get Started