Code Pulse | Real-Time Code Coverage (original) (raw)

Compare coverage across testing tools

Are you using automated penetration testing tools? Monitor and compare their coverage. Visually understand where there were coverage overlaps and where there weren't any.

Communicate your testing activity

Export your coverage activity and share it with others so they can easily understand which parts of the application were covered in testing.

A continuous challenge facing penetration testers is ensuring adequate coverage of a target application. A purely black box perspective makes it almost impossible to accurately identify how much of the attack surface was tested for penetration during assessment.

Code Pulse is a glass box tool that provides insight into the real-time code coverage of penetration testing activities. Code Pulse automatically detects coverage information while the tests are being conducted and will even make it possible to understand the overlaps and boundaries of the different tools coverage.

Code Pulse presents coverage information in a visual form to make it easy to understand at-a-glance which parts of an application have been covered and how much. The real-time coverage feedback makes it easy to adjust testing activity based on the observed coverage. In addition, for testing activities relying on multiple techniques (a variety of dynamic analysis tools for instance) it's easy to split up the recorded activity to understand which code was covered by each tool independently or alternatively to view coverage overlaps between multiple tools.

Identify coverage gaps

Even if you visited a page, you may not have triggered certain critical code paths. See exactly what methods were called during your testing.

Learn how to fine-tune your testing tools

There are a lot of unknowns when using active scanners. Use Code Pulse as you let your scanners loose on the application and understand where the scan shortcomings were as you fine-tune the testing tool configuration.