What startup does already count Deutsche Börse, Bosch and Deutsche Telekom among its customers? Code Intelligence brings an important innovation to the software testing process: the CI testing solution is based on a new revolutionary concept of coverage-based fuzzing that eliminates a lot of manual work and existing integration problems.
All existing software testing methods have their strong and weak sides.
Static code analysis (SAST) often contains a large number of false positives. Besides, it does not test the program during its execution, so the exact program behavior (especially with user input) cannot be predicted.
Dynamic code analysis (DAST) mostly requires manual effort and can only with work pre-defined inputs.
Although fuzzing is a known technique and is already used by pentesters, this method is rather costly and does not scale very well.
Coverage-based fuzzing with Sanitizers developed by Code Intelligence solves these problems by adapting advanced pentesting technology to users with no fuzzing expertise. Besides, it increases the efficiency of the fuzzing process through the use of coverage information and smart input generation.
Find the full article here (in German).