Code Intelligence

𝗧𝗵𝗲 𝗙𝗗𝗔 𝗮𝗱𝘃𝗼𝗰𝗮𝘁𝗲𝘀 𝗳𝗼𝗿 𝗳𝘂𝘇𝘇 𝘁𝗲𝘀𝘁𝗶𝗻𝗴 𝘄𝗵𝗲𝗻 𝘁𝗲𝘀𝘁𝗶𝗻𝗴 𝗺𝗲𝗱𝗶𝗰𝗮𝗹 𝗱𝗲𝘃𝗶𝗰𝗲𝘀. This is stated in the FDA's guidance on cybersecurity in medical devices and in AAMI TIR 57:2016, which is recognized by the FDA as state-of-the-art. If you don’t follow these guidelines, you won’t get market approval for the US market. Download this white paper to learn more about: 📃 The FDA's cybersecurity requirements ✅ 4 reasons why fuzzing is highly recommended 🎯 The role of fuzzing in compliance. You can download the full white paper here: https://hubs.ly/Q02Hpk-10

⚠️ 𝗩̲𝘂̲𝗹̲𝗻̲𝗲̲𝗿̲𝗮̲𝗯̲𝗶̲𝗹̲𝗶̲𝘁̲𝗶̲𝗲̲𝘀̲ ̲𝘂̲𝗻̲𝗰̲𝗼̲𝘃̲𝗲̲𝗿̲𝗲̲𝗱̲ ̲𝗯̲𝘆̲ ̲𝗳̲𝘂̲𝘇̲𝘇̲ ̲𝘁̲𝗲̲𝘀̲𝘁̲𝗶̲𝗻̲𝗴̲ ̲𝗶̲𝗻̲ ̲𝗖̲ ̲𝗮̲𝗻̲𝗱̲ ̲𝗖̲ ̲ ̲ ⚠️ Fuzz testing has proven to be especially effective in identifying bugs in embedded systems, which are usually written in C and C . 𝗦𝗲𝗲 𝘁𝗵𝗲 𝗳𝘂𝗹𝗹 𝗹𝗶𝘀𝘁 𝗼𝗳 𝘂𝗻𝗰𝗼𝘃𝗲𝗿𝗲𝗱 𝘃𝘂𝗹𝗻𝗲𝗿𝗮𝗯𝗶𝗹𝗶𝘁𝗶𝗲𝘀 𝗯𝗲𝗹𝗼𝘄, 𝗮𝗻𝗱 𝗹𝗲𝗮𝗿𝗻 𝗺𝗼𝗿𝗲 𝗮𝗯𝗼𝘂𝘁 𝗵𝗼𝘄 𝗳𝘂𝘇𝘇𝗶𝗻𝗴 𝗰𝗮𝗻 𝗮𝗶𝗱 𝗶𝗻 𝘁𝗲𝘀𝘁𝗶𝗻𝗴 𝗲𝗺𝗯𝗲𝗱𝗱𝗲𝗱 𝘀𝘆𝘀𝘁𝗲𝗺𝘀 𝗯𝘆 𝗿𝗲𝗮𝗱𝗶𝗻𝗴 𝗼𝘂𝗿 𝗴𝘂𝗶𝗱𝗲: "Best Practices for Embedded Software Security Testing" - https://hubs.li/Q02Gb7qy0.

New Day - New Energy! 🔈 DAY 2 ! Visit us at stand A47 and grab a Code Intelligence hoodie! 😎 𝗟𝗲𝘁'𝘀 𝗰𝗵𝗮𝘁 𝗮𝗯𝗼𝘂𝘁 𝗸𝗲𝗲𝗽𝗶𝗻𝗴 𝗰𝗿𝗶𝘁𝗶𝗰𝗮𝗹 𝗯𝘂𝗴𝘀 𝗼𝘂𝘁 𝗼𝗳 𝘆𝗼𝘂𝗿 𝗰𝗼𝗱𝗲 - 𝗘𝘅𝗽𝗲𝗿𝗶𝗲𝗻𝗰𝗲 𝗳𝘂𝘇𝘇 𝘁𝗲𝘀𝘁𝗶𝗻𝗴 𝗳𝗶𝗿𝘀𝘁𝗵𝗮𝗻𝗱! The booth was packed yesterday & the team is ready for the next round of conversations @ WeAreDevelopers! 🔥 Say hi to Ayush Sharma, Natalia Kazankova, Philip Betzler & Leoni Lückow #fuzzing #security #code #testing #embeddedsoftware #CIfuzz

What a fantastic first day @ WeAreDevelopers World Congress!! Thank you all for joining us today and a special congrats to our Grand Prize Winner Burçin Yurdakul 🏎 Look forward to another exciting day tomorrow! 𝗦𝗲𝗲 𝘆𝗼𝘂 𝗮𝗹𝗹 𝗮𝘁 𝗕𝗼𝗼𝘁𝗵 𝗔𝟰𝟳. 𝗟𝗲𝘁'𝘀 𝘁𝗮𝗹𝗸 𝗮𝗯𝗼𝘂𝘁: How to Uncover edge-case bugs and critical vulnerabilities with every code change in C/C projects. #CIFuzz #codecoverage #security #testing #embeddedsoftware #fuzzing

Is Your CODE Good To Commit? Find out @ the Code Intelligence Booth A47! Join us @WeAreDevelopers - give the wheel a spin - get a chance at winning one of our unique hoodies or the Grand PRIZE the McLaren Lego Set! 🏎 #codesecurity #cybersecurity #testing #CIFuzz #AI #EmbeddedSoftware

See you tomorrow WeAreDevelopers World Congress Berlin! 🔊 𝗕𝗼𝗼𝘁𝗵 𝗥𝗲𝗮𝗱𝘆 𝗔𝟰𝟳 - 𝗧𝗲𝗮𝗺 𝗦𝘁𝗼𝗸𝗲𝗱 - 𝗦𝘄𝗮𝗴 𝗼𝗻 𝗛𝗮𝗻𝗱! 😎 Looking forward to having great discussions onsite - 𝙬𝙚 𝙨𝙩𝙞𝙡𝙡 𝙝𝙖𝙫𝙚 𝙖 𝙛𝙚𝙬 𝙨𝙡𝙤𝙩𝙨 𝙡𝙚𝙛𝙩 𝙛𝙤𝙧 𝙖 𝙥𝙚𝙧𝙨𝙤𝙣𝙖𝙡𝙞𝙨𝙚𝙙 1-1 𝙩𝙚𝙘𝙝𝙣𝙞𝙘𝙖𝙡 𝙚𝙭𝙥𝙚𝙧𝙩 𝙘𝙝𝙖𝙩 - reserve time now: https://lnkd.in/dnxnvpi7 Ayush Sharma Natalia Kazankova Philip Betzler Leoni Lückow #CISpark #embeddedsoftware #security #compliance #medtech #automotive #CIFuzz

Join Natalia Kazankova on September 5th as she unwraps how fuzz testing complements static analysis in automotive software! Don't miss the chance to learn about detecting vulnerabilities early on! More details below 👇

𝙏𝙝𝙚 𝙁𝘿𝘼 𝙖𝙙𝙫𝙤𝙘𝙖𝙩𝙚𝙨 𝙛𝙤𝙧 𝙛𝙪𝙯𝙯 𝙩𝙚𝙨𝙩𝙞𝙣𝙜 𝙬𝙝𝙚𝙣 𝙩𝙚𝙨𝙩𝙞𝙣𝙜 𝙢𝙚𝙙𝙞𝙘𝙖𝙡 𝙙𝙚𝙫𝙞𝙘𝙚𝙨. This is stated in the FDA's guidance on cybersecurity in medical devices and in AAMI TIR 57:2016, which is recognized by the FDA as state-of-the-art. 𝗜𝗳 𝘆𝗼𝘂 𝗱𝗼𝗻’𝘁 𝗳𝗼𝗹𝗹𝗼𝘄 𝘁𝗵𝗲𝘀𝗲 𝗴𝘂𝗶𝗱𝗲𝗹𝗶𝗻𝗲𝘀, 𝘆𝗼𝘂 𝘄𝗼𝗻’𝘁 𝗴𝗲𝘁 𝗺𝗮𝗿𝗸𝗲𝘁 𝗮𝗽𝗽𝗿𝗼𝘃𝗮𝗹 𝗳𝗼𝗿 𝘁𝗵𝗲 𝗨𝗦 𝗺𝗮𝗿𝗸𝗲𝘁 🇺🇲 If you're involved in medical device development, download our white paper to learn more about: ➡ The FDA's cybersecurity requirements ➡ 4 reasons why fuzzing is highly recommended ➡ The role of fuzzing in compliance Many thanks to Lorit Consultancy and Verena Wieser for guiding us through the intricacies of medical security regulations and sharing their expertise with us. Claim your free white paper here: https://lnkd.in/d-RtMMuK #fuzztesting #medicaldevices #cybersecurity

Six Underappreciated Challenges Hindering the Adoption and Effectiveness of Fuzz Testing. When discussing fuzz testing, conversations often focus on the differences and advantages of various fuzzing engines, such as libFuzzer and AFL . While these aspects are important, several frequently overlooked challenges significantly hinder the adoption of fuzz testing. 1️⃣ Selecting the Best Candidates to Fuzz: Especially in a large codebase, deciding which functions or APIs to test is crucial. Ideally, you start with a small set of public APIs that maximize fuzzing impact, such as code coverage and the number of bugs found. 2️⃣ Writing Realistic Fuzz Tests: Like unit tests, fuzz tests should respect the API contract and include necessary initialization and cleanup code. Incorrect API use can lead to false positives. 3️⃣ Maintaining Existing Fuzz Tests: As your code evolves, you should update your fuzz tests and keep them in sync with the code they test. 4️⃣ Ensuring High-Quality Fuzz Tests: High-quality fuzz tests achieve good code coverage by testing various ways an API is expected to be used. This increases the possibility of reaching good code coverage and consequently triggering more bugs. 5️⃣ Promptly Fixing Found Issues: When you start fuzzing a new project, there will be an initial burst of bugs. Often, these represent fuzzing blockers as the fuzzer will hit them over and over again, preventing it from further exploring your code. Generally, the faster you can fix bugs, the more effective the subsequent fuzzing runs become. 6️⃣ Integration into Developer Workflows: Seamlessly incorporating fuzz testing into CI/CD pipelines is key to continuous testing and quick feedback cycles, ensuring that fuzz testing is a routine part of development. By addressing these scalability challenges, you can unlock the full potential of fuzz testing and achieve its significant benefits. #fuzzing #softwaretesting #softwaresecurity

📢 𝗡𝗲𝘄 𝗩𝗲𝗿𝘀𝗶𝗼𝗻! 𝙐𝙋𝘿𝘼𝙏𝙀𝘿 𝗪𝗛𝗜𝗧𝗘 𝗣𝗔𝗣𝗘𝗥 𝗔𝗟𝗘𝗥𝗧 📢 Embedded Software Security Testing Guide🚨 BEST PRACTICES 𝙄𝙣𝙨𝙞𝙙𝙚, 𝙔𝙤𝙪'𝙡𝙡 𝘿𝙞𝙨𝙘𝙤𝙫𝙚𝙧: ➡ Top 7 challenges of embedded testing. ➡ Two main embedded software testing technologies: static and dynamic. ➡ What fuzz testing is. ➡ Five reasons to fuzz embedded systems. 𝗚𝗥𝗔𝗕 𝗬𝗢𝗨𝗥 𝗙𝗥𝗘𝗘 𝗚𝗨𝗜𝗗𝗘 𝗡𝗢𝗪 https://hubs.ly/Q02Gk-GB0