Veracode, a leading provider of intelligent software security solutions, today launches Veracode Fix, a new AI-powered product. Trained on Veracode’s proprietary dataset, Veracode Fix suggests remediations for security flaws found in code and open-source dependencies.
Shifting the Paradigm from Merely ‘Find’ to ‘Find and Fix’
“For far too long, organizations have had to choose between remediating software security flaws and meeting aggressive deadlines to push code into production. Veracode Fix makes it possible to deliver more secure software faster, at lower cost, and with higher confidence,” said Brian Roche, Chief Product Officer at Veracode.
“Through the power of AI and machine learning, leveraging GPT (Generative Pre-trained Transformer) technology, we’ve revolutionized the way developers and security teams address software security issues. Nearly two decades ago, Veracode pioneered a new industry standard as a cloud-based SaaS security platform. Today, we set a new bar, moving beyond application security testing to intelligent software security.”
Since its inception in 2006, Veracode has been committed to helping organizations find, understand, and remediate software security risk. The release of Veracode Fix brings software security to the next level by changing the scope of application security from merely ‘find’ to ‘find and fix.’
Automated Attacks Require Automated Response
Traditionally, when a flaw is found, developers research and rewrite code to manually fix the security issue. This requires enormous effort when compounded across thousands of security flaws in a codebase. This approach typically delays releases into production and increases security debt.
“Fixing security flaws has traditionally been a manual effort—until now,” said Roche. “With the increase in automated attacks, it’s no longer tenable to continue to remediate flaws entirely manually. Veracode Fix paves the way to a scalable mechanism to remove vulnerabilities before attackers can exploit them.”
Veracode Fix will be generally available with initial support for Java and C# in June 2023. To learn more about Veracode Fix, read more here.
Veracode is intelligent software security. Powered by nearly two decades of data, securing more than 130 trillion lines of code, with the Veracode Software Security Platform, development teams continuously find and fix flaws at every stage of the modern software development life cycle. Trusted by security teams, developers, and business leaders from thousands of the world’s most innovative organizations, Veracode is the software security pioneer for integrated prevention, detection, and response. Learn more at www.veracode.com, on the Veracode blog, and on LinkedIn and Twitter.
Copyright © 2023 Veracode, Inc. All rights reserved. Veracode is a registered trademark of Veracode, Inc. in the United States and may be registered in certain other jurisdictions. All other product names, brands or logos belong to their respective holders. All other trademarks cited herein are property of their respective owners.