Digitization has resulted in an enormous volume of data. Globally, the amount of data created, recorded, duplicated, and consumed is expected to dramatically expand. Global data generation is expected to reach more than 180 zettabytes in the following five years, up to 2025. That’s a deluge of data brought on by the convergence of social, mobile, and cloud technologies.
Code Intelligence, a fuzzing-focused automated application security testing platform based in Bonn, Germany, has raised $12M in a Series A fundraising round led by Tola Capital. LBBW, OCCIDENT, Verve Ventures, HTGF, and Thomas Dohmke, GitHub’s CEO, also invested in the round, bringing the company’s total capital to around $15.7M.
Code Intelligence will use the new funds to invest extensively in product development in order to establish a unified workflow for setting up, debugging, and managing testing pipelines directly from the codebase, command-line, or any integrated development environment (IDE). Advanced debugging and dashboards with deeper insights for all modules and services, as well as automatic API discovery and categorization, will be added to the platform this year. More technological stacks will be supported, as well as a self-service SaaS platform, according to developers. In Europe, the startup is looking for senior software engineers, developer community managers, and customer success representatives.
Code Intelligence enables developers to ship secure code by offering a platform for identifying and repairing security flaws before they reach the final result. Sergej Dechand, Khaled Yakdan, and Matthew Smith launched the startup in 2018 while studying IT security and privacy at the University of Bonn. The co-founders had a shared interest in ethical hacking and began collaborating to automate the procedure.
Bosch, Continental, and Deutsche Telekom are among Code Intelligence’s current customers, which include mid-to-large-sized enterprises. The company claims to collaborate with Google and has made numerous contributions to the open-source community, including the Jazzer Java fuzzing engine, which has discovered over 500 vulnerabilities in over 30 projects.
Sergej Dechand, CEO and co-founder of Code Intelligence, stated, “We aim to live in a future where the gadgets, services, and systems we rely on every day are truly secure.Our goal is to become the most popular platform for application security testing. Our goal is to provide every developer with the tools they need to produce better secure code, even if they don’t have extensive security knowledge. We collaborate closely with the open-source community to disseminate the ‘test early and often’ mentality and make security a natural part of every developer’s daily coding routine.”
“Most application security solutions are built for later stages of the development lifecycle. If detected, vulnerabilities are caught too late in the game, making them increasingly long, difficult and expensive to fix. Code Intelligence helps developers ship secure software by providing the necessary integrations to test their code at each pull request, without ever having to leave their favorite environment. It’s like having an automated security expert always by your side.” said Thomas Dohmke, CEO of Github.
Code Intelligence employs a variety of analysis techniques, such as artificial intelligence (AI) and fuzz testing, to simulate a hacker with intimate knowledge of the application. This approach to white-box testing generates millions of test cases, which might trigger problems and hard-to-find vulnerabilities deep inside the programme.
Code Intelligence interacts with services like Jenkins, GitHub, and GitLab because developers don’t want to look at yet another tool in their development workflow. Developers will not only be able to see how well their code is covered as a result of this, but Code Intelligence will also add an additional pipeline to the continuous integration system that will automatically fuzze the code when new pull or merge requests arrive.
The self-serve platform from Code Intelligence is currently in closed beta, and the company is still working closely with its enterprise customers to onboard new teams. But, in the long run, the goal is to automate everything and offer a self-service platform.