Application testing.
Reinvented.
Java, JavaScript/TypeScript
Start now to boost your tests. Focus on creating business value and let CI Fuzz protect you from any unexpected behavior of your code.
Starter
Local work for up to 5 developers. Java or JavaScript/TypeScript only.
No additional support.
per language per seat per month
- CI Fuzz included
- First month free
- One hour "jump start session" free
- Java or JavaScript
- Efficient testing with automated test case generation
- Includes protection against various security threats
- Built for Java&JUnit5 and JavaScript/TypeScript&JEST
- Fully integrated in the IDE
- Findings with full Stack Trace, no False Positives
- Local execution on your OS (Linux, Mac and Windows)
- Full transparency: Combine human and artificial intelligence
Small Team
per language per seat per month
- CI Fuzz included
- CI Sense included (single server)
- First month free
- One hour "jump start session" free
- Java or JavaScript
- Use a separate server for deep remote testing
- Limited one-server CI/CD integration.
- View your testing progress
- Guidance for test optimization
- Assess and report on code quality (merged code coverage)
- Manage findings centrally (deduplication, plan, ignore)
- Integrate with ticketing systems
Enterprise
Unlimited scaling of server capacity.
Contact us for your enterprise license
to test your projects.
- CI Fuzz included
- CI Sense included (full version)
- CI Spark included
- Java, JavaScript, C/C++
- Flexible user licenses
- Unlimited server capacity for CI/CD and all remote testing
- Benefit from CI Spark for fully automated generation of tests
- SSO support
- Experts Exchange
- Custom solutions
- Includes a solution oriented support package tailored to your needs
- Ensure you stick to standards and are always compliant
- API to integrate with your systems and workflows
Starter
Java, JavaScript/TypeScript
Start now to boost your tests. Focus on creating business value and let CI Fuzz protect you from any unexpected behavior of your code.
per language per seat per month
- First month free
- One hour "jump start" free
- Efficient testing with automated test case generation
- Includes protection against various security threats
- Built for Java&JUnit5 and JavaScript/TypeScript&JEST
- Fully integrated in the IDE
- Findings with full Stack Trace, no False Positives
- Local execution on your OS (Linux, Mac and Windows)
- Full transparency: Combine human and artificial intelligence
Small Team
Java, JavaScript/TypeScript
Start now to boost your tests. Focus on creating business value and let CI Fuzz protect you from any unexpected behavior of your code.
per language per seat per month
- First month free
- One hour "jump start" free
- CI Fuzz included
- Use a separate server for deep remote testing
- CI/CD for continuous testing
- View your testing progress
- Guidance for test optimization
- Assess and report on code quality (merged code coverage)
- Manage findings centrally (deduplication, plan, ignore)
- Integrate with ticketing systems
Enterprise
Java, JavaScript/TypeScript
Start now to boost your tests. Focus on creating business value and let CI Fuzz protect you from any unexpected behavior of your code.
Contact us for your enterprise license to test your C/C++ projects.
- CI Fuzz included
- CI Sense included
- Flexible user licenses
- Run with unlimited remote testing capacity
- Ensure quality and security of your C/C++ projects
- Benefit from CI Spark for fully automated generation of tests.
- SSO support
- Experts Exchange
- Custom solutions
- Includes a solution oriented support package tailored to your needs
- Ensure you stick to standards and are always compliant
- API to integrate with your systems and workflows
Frequently asked questions
Does CI Fuzz find all bugs in software?
No other testing method can generate most relevant test cases faster. While executing we find most issues like exception’s error responses or security vulnerabilities. Testing the business logic for the expected results will still be done with a few standard tests.
CI Fuzz does find all the unexpected behavior for edge case input. Does it find all security issues?
We focus on OWASP Top 10 issues and protect against injections of various types, remote code execution and many more. For system and infrastructure security (server versions, web server configuration, fire walls) use methods like pen testing.
Can CI Fuzz help with functional testing as well?
Wherever you can ensure some code to be functional by e.g. processing an input and in another call undoing this with the output, CI Fuzz can safely test this is the case for all potential input. When you need to ensure a new code segment produces the same results as old code did, CI Fuzz is your tool. CI Fuzz will not be able to check your business logic: Certain input needs to result in certain output. For this you will use your standard tests.
What in a nutshell makes CI Fuzz so special?
It is the different approach. Typical tests check one input and ensure specific output. May it be the expected business processing. May it be input considered to be invalid and handled properly. CI Fuzz automatically finds input that causes different code to be executed. CI Fuzz hooks in all calls and evaluation of conditions like if-then-else and finds ways to trigger different results. And on top and while doing this, all code is security checked.
Can CI Fuzz reach 100% code coverage?
Yes, absolutely. For some code additional input from the person knowing the code might be needed to get the last mile from 80 to 100. CI Sense allows to analyze and easily add required information.
Is there an easy rule of thumb when exactly CI Fuzz replaces a lot of tests and allows to focus on business logic?
In all situations where you can envision a test "Under no circumstances X must ever happen", CI Fuzz is your help to fully cover. You just add a few standard tests to ensure business logic. Security is tested on the fly. All done.
No other testing method can generate most relevant test cases faster. While executing we find most issues like exception’s error responses or security vulnerabilities. Testing the business logic for the expected results will still be done with a few standard tests.
We focus on OWASP Top 10 issues and protect against injections of various types, remote code execution and many more. For system and infrastructure security (server versions, web server configuration, fire walls) use methods like pen testing.
Wherever you can ensure some code to be functional by e.g. processing an input and in another call undoing this with the output, CI Fuzz can safely test this is the case for all potential input. When you need to ensure a new code segment produces the same results as old code did, CI Fuzz is your tool. CI Fuzz will not be able to check your business logic: Certain input needs to result in certain output. For this you will use your standard tests.
It is the different approach. Typical tests check one input and ensure specific output. May it be the expected business processing. May it be input considered to be invalid and handled properly. CI Fuzz automatically finds input that causes different code to be executed. CI Fuzz hooks in all calls and evaluation of conditions like if-then-else and finds ways to trigger different results. And on top and while doing this, all code is security checked.
Yes, absolutely. For some code additional input from the person knowing the code might be needed to get the last mile from 80 to 100. CI Sense allows to analyze and easily add required information.
In all situations where you can envision a test "Under no circumstances X must ever happen", CI Fuzz is your help to fully cover. You just add a few standard tests to ensure business logic. Security is tested on the fly. All done.
Still got questions? We are here to help.
Security resources
CARIAD Improves Secure Software Development
CI and Google Secure Open-Source JavaScript Landscape