Solution Study: Automating whitebox fuzz testing for software security with generative AI

Session

Automating whitebox fuzz testing for software security with generative AI

Solution Study

Monday, December 02

09:15 AM - 09:45 AM

Live in Berlin

Less Details

Whitebox fuzz testing is widely recognized as one of the most effective methods for identifying critical bugs and vulnerabilities, which is why it’s recommended by ISO 21434 and ASPICE for cybersecurity. Yet, its adoption remains limited due to the high level of expertise required and the significant manual effort involved. As the code comprehension and general reasoning ability of Large Language Models (LLMs) are constantly improving, we have been exploring how these models can be leveraged to automate the fuzzing process so that we can unlock the full potential of fuzz testing with minimal overhead.

In this session, you will learn:

Why current testing methods such as static analysis and penetration testing are insufficient for securing automotive software
Why companies like Google, Microsoft, and Continental adopt whitebox fuzz testing
How fuzz testing can be automated using LLMs
How an AI-generated fuzz test discovered a vulnerability in a popular open-source crypto library for embedded systems and IoT

Presentation

Speaker

Khaled Yakdan

Co-Founder & CPO, Code Intelligence

Khaled Yakdan is the Co-Founder & CPO at Code Intelligence. Holding a Ph.D. in Computer Science and having spent over nine years in academia, Khaled now oversees the Code Intelligence product roadmap and the implementation of the latest advancements in AI, vulnerability detection, and fuzz testing into the company’s products. He worked and contributed to research in reverse engineering, vulnerability finding, and concolic executions. His papers are published at top-tier international security conferences. Connect with Khaled on LinkedIn.

Join Khaled Yakdan
Book Now!

Company

Code Intelligence

https://www.code-intelligence.com/

Code Intelligence is a pioneering technology company established in Bonn, Germany, in 2018. Our AI-driven fuzz testing platform revolutionizes embedded software security testing by automating and simplifying the process. Designed to be CI/CD-agnostic, our platform integrates seamlessly with popular IDEs and build systems. It detects critical bugs and vulnerabilities early in development, allowing developers to reproduce and resolve issues in minutes. By empowering developers to identify and fix bugs within their own development environment, we ensure software reliability and security before products reach the market.

Get Agenda

Book Now