Veracode, a provider of intelligent software security solutions launches Veracode Fix, a new AI-powered product.
Trained on Veracode’s proprietary dataset, Veracode Fix suggests remediations for security flaws found in code and open-source dependencies.
Shifting the paradigm from merely ‘find’ to ‘find and fix’
“For far too long, organisations have had to choose between remediating software security flaws and meeting aggressive deadlines to push code into production. Veracode Fix makes it possible to deliver more secure software faster, at lower cost, and with higher confidence,” said Brian Roche, Chief Product Officer at Veracode.
“Through the power of AI and machine learning, leveraging GPT (Generative Pre-trained Transformer) technology, we’ve revolutionized the way developers and security teams address software security issues."
Veracode Fix
Veracode Fix brings software security to the next level by changing the scope of application security
"Nearly two decades ago, Veracode pioneered a new industry standard as a cloud-based SaaS security platform. Today, we set a new bar, moving beyond application security testing to intelligent software security.”
Since its inception in 2006, Veracode has been committed to helping organisations find, understand, and remediate software security risks. The release of Veracode Fix brings software security to the next level by changing the scope of application security from merely ‘find’ to ‘find and fix.’
Automated attacks require an automated response
Traditionally, when a flaw is found, developers research and rewrite code to manually fix the security issue. This requires enormous effort when compounded across thousands of security flaws in a codebase. This approach typically delays releases into production and increases security debt.
“Fixing security flaws has traditionally been a manual effort, until now,” said Roche. “With the increase in automated attacks, it’s no longer tenable to continue to remediate flaws entirely manually. Veracode Fix paves the way to a scalable mechanism to remove vulnerabilities before attackers can exploit them.” Veracode Fix will be generally available with initial support for Java and C# in June 2023.