CI Spark

CI Spark leverages generative AI’s code analysis and generation capabilities to automate the generation of fuzz tests, which are central to AI-powered white-box testing. To that end, we have created an extensive set of prompts that guide LLMs to identify security-critical functions and generate high-quality fuzz tests. The prompts give instructions on how to develop tests that optimally use our underlying fuzzing engines. They also provide the insights necessary for CI Spark to create tests that achieve maximum code coverage. We have built and refined our prompts based on our years of experience in fuzz testing across open and closed-source projects, enabling our AI assistant to maintain a minimal false positive rate. Moreover, CI Spark offers an interactive mode, allowing users to quickly interact with it to correct any false positives that slip through and improve the quality of the generated tests.

Advantages:

Automatic identification of fuzzing candidates

Provide a list of public functions/methods that can be used as entry points for fuzz tests. These APIs are called with user-controlled data and thus should be thoroughly tested. 

• Automatic generation of tests
  Generate a fuzz test for a selected candidate. The interactive mode enables users to give tips to the AI to improve the quality of the generated test and fix any errors.
• Improving existing tests
  If you already have fuzz tests, CI Spark can assist you in improving the test to increase code coverage.
• Leverage existing unit tests to generate high-quality fuzz tests
  To have higher-quality fuzz tests, you can provide existing unit tests that call the candidate API as hints to CI Spark. These provide valuable examples of the correct usage of the API in the tests and result in better fuzz tests.
• Advantages CI Spark: Automation potential of leveraging generative AI

• 
  

  Legacy Code Base

  CI Spark was proven to cover unknown code by automatically analyzing, finding the right places to place tests and creating them. Legacy code often does not match newer quality and security standards. Get this code under test fast with CI Spark.

  3rd Party Code

  Providing quality code to other teams or companies requires good test coverage. When receiving code, it is important to quickly check and match own quality and security standards. Use CI Spark to make this job fast and simple.

  Own Code Development

  Time is money. And developers will appreciate a way to short-cut creation of tests for their code significantly. Adhere to high quality and security standards from day one. Adhere to all delivery timelines and not miss test coverage

•