Home > News > featured news > Veracode Introduces Intelligent Software Security With Launch of Veracode Fix

Enterprise Security, Platform Security, Software Security

Veracode Introduces Intelligent Software Security With Launch of Veracode Fix

Businesswire | April 19, 2023 | Read time : 05:00 min

Veracode Introduces Intelligent Software Security

Veracode, a leading provider of intelligent software security solutions, today launches Veracode Fix, a new AI-powered product. Trained on Veracode’s proprietary dataset, Veracode Fix suggests remediations for security flaws found in code and open-source dependencies.

Shifting the Paradigm from Merely ‘Find’ to ‘Find and Fix’

“For far too long, organizations have had to choose between remediating software security flaws and meeting aggressive deadlines to push code into production. Veracode Fix makes it possible to deliver more secure software faster, at lower cost, and with higher confidence,” said Brian Roche, Chief Product Officer at Veracode.

“Through the power of AI and machine learning, leveraging GPT (Generative Pre-trained Transformer) technology, we’ve revolutionized the way developers and security teams address software security issues. Nearly two decades ago, Veracode pioneered a new industry standard as a cloud-based SaaS security platform. Today, we set a new bar, moving beyond application security testing to intelligent software security.”

Since its inception in 2006, Veracode has been committed to helping organizations find, understand, and remediate software security risk. The release of Veracode Fix brings software security to the next level by changing the scope of application security from merely ‘find’ to ‘find and fix.’

Automated Attacks Require Automated Response

Traditionally, when a flaw is found, developers research and rewrite code to manually fix the security issue. This requires enormous effort when compounded across thousands of security flaws in a codebase. This approach typically delays releases into production and increases security debt.

“Fixing security flaws has traditionally been a manual effort—until now,” said Roche. “With the increase in automated attacks, it’s no longer tenable to continue to remediate flaws entirely manually. Veracode Fix paves the way to a scalable mechanism to remove vulnerabilities before attackers can exploit them.”

Veracode Fix will be generally available with initial support for Java and C# in June 2023. To learn more about Veracode Fix, read more here.

About Veracode

Veracode is intelligent software security. Powered by nearly two decades of data, securing more than 130 trillion lines of code, with the Veracode Software Security Platform, development teams continuously find and fix flaws at every stage of the modern software development life cycle. Trusted by security teams, developers, and business leaders from thousands of the world’s most innovative organizations, Veracode is the software security pioneer for integrated prevention, detection, and response. Learn more at www.veracode.com, on the Veracode blog, and on LinkedIn and Twitter.

Copyright © 2023 Veracode, Inc. All rights reserved. Veracode is a registered trademark of Veracode, Inc. in the United States and may be registered in certain other jurisdictions. All other product names, brands or logos belong to their respective holders. All other trademarks cited herein are property of their respective owners.

Spotlight

Implementieren digitaler Souveränität bei der Cloud-Einführung

Überwindung der Herausforderungen und Komplexitäten beim Aufbau von Souveränität als Teil einer Multi-Cloud-Strategie. 90 % der Unternehmen in Europa und 88 % im Nahen Osten, in der Türkei und in Afrika (META) nutzen heute die Cloud-Technologie, die einen wichtigen Baustein für die digitale Transformation darstellt. In dem Maße,

More featured news

Spotlight

Implementieren digitaler Souveränität bei der Cloud-Einführung

Überwindung der Herausforderungen und Komplexitäten beim Aufbau von Souveränität als Teil einer Multi-Cloud-Strategie. 90 % der Unternehmen in Europa und 88 % im Nahen Osten, in der Türkei und in Afrika (META) nutzen heute die Cloud-Technologie, die einen wichtigen Baustein für die digitale Transformation darstellt. In dem Maße,

Related News

Security Audit and Compliance, Software Security

Cyberint and Cyware Announce Integration to Enhance Detection and Automated Response Based on Dark Web Intelligence

Business Wire | August 25, 2023

Cyberint, the leader in impactful intelligence, is thrilled to announce its integration with Cyware, the leading provider of threat intelligence management, security collaboration, and cyber fusion solutions. The combined solution enables organizations to access and integrate contextual threat intelligence, enhance their threat-hunting capabilities, and automate collaborative response actions to potential attacks. The joint solution and use cases will be detailed in an upcoming webinar on August 29 at 1:00 pm EDT. “By combining Cyware's advanced capabilities with Cyberint's deep and dark web intelligence, we empower organizations to connect the dots on security incidents, reduce response time, and elevate their security posture,” said Shahar Kodraty, Head of Technical Alliances at Cyware. “Together, we can make a tangible impact in the fight against cyber threats, benefiting enterprises, government agencies, and MSSPs globally." With this collaboration, Cyberint's web intelligence seamlessly integrates with Cyware’s Threat Intel Exchange product enabling customers to: Identify potential threats at an early stage by leveraging streamlined deep and dark web intelligence, Receive contextual threat intelligence to enrich and enhance security tools, blocklists, threat research, and threat-hunting activities, Aggregate threat intelligence from multiple sources to create clear visibility into threat patterns, Automatically notify all stakeholders about critical intelligence, Proactively build detection rules and automate response actions to reduce the risk of successful attacks. "Our collaboration with Cyware will enable organizations to harness the power of streamlined deep and dark web intelligence, strengthening their security posture and ensuring continuous external protection from cyber threats," said Yochai Corem, CEO of Cyberint. About Cyberint Cyberint’s impactful intelligence solution fuses real-time threat intelligence with bespoke attack surface management, providing organizations with extensive integrated visibility into their external risk exposure. Leveraging autonomous discovery of all external-facing assets, coupled with open, deep & dark web intelligence, the solution allows cybersecurity teams to uncover their most relevant known and unknown digital risks - earlier. Global customers, including Fortune 500 leaders across all major market verticals, rely on Cyberint to prevent, detect, investigate, and remediate phishing, fraud, ransomware, brand abuse, data leaks, external vulnerabilities and more, ensuring continuous external protection from cyber threats. To learn more about Cyberint, visit the website: https://cyberint.com/. About Cyware Cyware helps enterprises transform security operations while breaking through silos for threat intelligence sharing, collaboration, and automated threat response. Its unique Cyber Fusion solutions enable lean security teams to proactively stop threats, connect the dots on security incidents, dramatically reduce response time, and reduce analyst burnout from repetitive tasks. Cyware improves security outcomes for enterprises, government agencies, and MSSPs, and provides threat intelligence-sharing platforms for the majority of ISAC/ISAO information-sharing communities globally. For more information, visit https://cyware.com/.

Read More

Enterprise Security, Platform Security, Software Security

SecPod releases SanerNow 6.0 to redefine Vulnerability Lifecycle Automation with Cyber Hygiene Score

Prnewswire | July 18, 2023

SecPod Technologies, a global leader in the cyberattack prevention industry, has released SanerNow 6.0, a new update to its flagship cyberattack prevention platform SanerNow. With a brand-new unified dashboard and an innovative Cyber Hygiene Score, SanerNow transforms how CISOs and security administrators combat cyberattacks and simplifies the process of vulnerability lifecycle automation. Chandrashekhar Basavanna, the CEO of SecPod, said, "We are very excited to launch a major upgrade to our SanerNow platform. Risk quantification has always been an intriguing concept industry-wide. We are taking a real shot at it with an innovative hygiene score. This will facilitate our Customers to quantify the risks their IT infrastructure is exposed to and implement vulnerability mitigation strategies. With an all-new dashboard, we are representing end-to-end vulnerability management with Visibility, Detection, Prioritization, and Mitigation coming together in a unified console." With Cyber Hygiene Score, based on SecPod's in-house security intelligence and proprietary algorithm, SanerNow quantifies an organization's cyber hygiene and provides insight into your IT infrastructure. Further, in combination with a unified dashboard, SanerNow provides a holistic view of your organization's risk exposure to take effective laser-focused actions. The new update, SanerNow 6.0, with the new dashboard and Cyber Hygiene Score, is now available for the general public. SecPod SanerNow Advanced Vulnerability Management is a comprehensive cyberattack prevention platform providing visibility and control over IT infrastructure, detection and prioritization of vulnerabilities, and vulnerability remediation in a single unified console. About SecPod SecPod is a SaaS-based cybersecurity technology company created with a singular, unwavering goal of preventing cyberattacks. Founded in 2008, the company provides a top-of-the-line advanced vulnerability management solution that strengthens organizations' cybersecurity posture worldwide.

Read More

Data Security

Oracle Attempts to Design New Open Network and Data Security Standard

Oracle | September 20, 2023

Oracle to participate in an industry-wide initiative to design a new open network and data security standard. Oracle and Applied Invention are assisting to developing and promoting a novel network and data-centric security standard to tackle distributed cloud deployment challenges. This standard will enable organizations to protect their data throughout its entire lifecycle without requiring modifications to their distributed cloud environments' underlying architecture. Oracle, one of the world's largest database management companies, announced that it will participate in an industry-wide initiative to design a new open network and data security standards that will assist organizations in protecting their data in distributed IT environments. Oracle will collaborate with Applied Invention, a significant technology provider, and other industry leaders, including Nomura Research Institute, Ltd. (NRI), a global leader in consulting and system solutions. This new standard will enable networks to enforce shared security policies collectively, thereby augmenting the security architecture organizations already employ without requiring modifications to existing applications and networks. Oracle plans to launch the Oracle Zero-Trust Packet Routing Platform, based on the new standard, to support this new initiative. This platform will assist organizations in preventing illegal access or use of their data without imposing additional obstacles on legitimate activities. Executive Vice President of Security and Developer Platforms at Oracle Cloud Infrastructure, Mahesh Thiagarajan, said, Over the last 20 years, the cybersecurity industry has produced many incremental changes, but we need a fundamentally novel approach to protect our data in the increasingly complex cloud era. Organizations require a way to describe their data security policies in one place where they can be easily understood and audited, and they need a way to make sure those policies are enforced across their entire computing infrastructure, including their clouds. [Source – Cision PR Newswire] As the adoption of cloud technology rises and IT landscapes become more intricate with distributed cloud deployments, organizations face escalating challenges in safeguarding their data using conventional methods and tools. For example, many existing systems necessitate security teams to orchestrate disparate solutions across various facets, including database, application, network, and identity security. This complexity is further compounded when applied across diverse environments. Ensuring seamless collaboration among these solutions becomes a formidable task due to the dynamic and independent changes in applications, environments, and user profiles. Additionally, current security systems demand extensive configurations to accurately distinguish between different user categories, such as full-time employees and contractors, without compromising security or restricting access. Research Vice President of Cloud and Edge Infrastructure Services at IDC, Dave McCarthy, said, The new standard Oracle develop has the potential to change all of that by adding a unified layer of security on top of existing solutions. Building data protection policies into the network itself will assist users get the access they require while ensuring the data remains secure behind the scenes. [Source – Cision PR Newswire] Oracle and Applied Invention are assisting in designing and promoting a novel security standard, focusing on network and data-centric security, which aims to tackle these challenges. This innovative standard will empower organizations to safeguard their data across its entire lifecycle, including distributed cloud environments. To accomplish this, the standard will implement an intent-based security policy that is designed to be understandable, auditable, and interpretable by humans. This intent-driven approach will be put into practice at the network layer, ensuring that every data transmission contains authenticated attributes concerning the sender, receiver, and the nature of the data in transit.

Read More

Security Audit and Compliance, Software Security

Cyberint and Cyware Announce Integration to Enhance Detection and Automated Response Based on Dark Web Intelligence

Business Wire | August 25, 2023

Cyberint, the leader in impactful intelligence, is thrilled to announce its integration with Cyware, the leading provider of threat intelligence management, security collaboration, and cyber fusion solutions. The combined solution enables organizations to access and integrate contextual threat intelligence, enhance their threat-hunting capabilities, and automate collaborative response actions to potential attacks. The joint solution and use cases will be detailed in an upcoming webinar on August 29 at 1:00 pm EDT. “By combining Cyware's advanced capabilities with Cyberint's deep and dark web intelligence, we empower organizations to connect the dots on security incidents, reduce response time, and elevate their security posture,” said Shahar Kodraty, Head of Technical Alliances at Cyware. “Together, we can make a tangible impact in the fight against cyber threats, benefiting enterprises, government agencies, and MSSPs globally." With this collaboration, Cyberint's web intelligence seamlessly integrates with Cyware’s Threat Intel Exchange product enabling customers to: Identify potential threats at an early stage by leveraging streamlined deep and dark web intelligence, Receive contextual threat intelligence to enrich and enhance security tools, blocklists, threat research, and threat-hunting activities, Aggregate threat intelligence from multiple sources to create clear visibility into threat patterns, Automatically notify all stakeholders about critical intelligence, Proactively build detection rules and automate response actions to reduce the risk of successful attacks. "Our collaboration with Cyware will enable organizations to harness the power of streamlined deep and dark web intelligence, strengthening their security posture and ensuring continuous external protection from cyber threats," said Yochai Corem, CEO of Cyberint. About Cyberint Cyberint’s impactful intelligence solution fuses real-time threat intelligence with bespoke attack surface management, providing organizations with extensive integrated visibility into their external risk exposure. Leveraging autonomous discovery of all external-facing assets, coupled with open, deep & dark web intelligence, the solution allows cybersecurity teams to uncover their most relevant known and unknown digital risks - earlier. Global customers, including Fortune 500 leaders across all major market verticals, rely on Cyberint to prevent, detect, investigate, and remediate phishing, fraud, ransomware, brand abuse, data leaks, external vulnerabilities and more, ensuring continuous external protection from cyber threats. To learn more about Cyberint, visit the website: https://cyberint.com/. About Cyware Cyware helps enterprises transform security operations while breaking through silos for threat intelligence sharing, collaboration, and automated threat response. Its unique Cyber Fusion solutions enable lean security teams to proactively stop threats, connect the dots on security incidents, dramatically reduce response time, and reduce analyst burnout from repetitive tasks. Cyware improves security outcomes for enterprises, government agencies, and MSSPs, and provides threat intelligence-sharing platforms for the majority of ISAC/ISAO information-sharing communities globally. For more information, visit https://cyware.com/.

Read More

Enterprise Security, Platform Security, Software Security

SecPod releases SanerNow 6.0 to redefine Vulnerability Lifecycle Automation with Cyber Hygiene Score

Prnewswire | July 18, 2023

SecPod Technologies, a global leader in the cyberattack prevention industry, has released SanerNow 6.0, a new update to its flagship cyberattack prevention platform SanerNow. With a brand-new unified dashboard and an innovative Cyber Hygiene Score, SanerNow transforms how CISOs and security administrators combat cyberattacks and simplifies the process of vulnerability lifecycle automation. Chandrashekhar Basavanna, the CEO of SecPod, said, "We are very excited to launch a major upgrade to our SanerNow platform. Risk quantification has always been an intriguing concept industry-wide. We are taking a real shot at it with an innovative hygiene score. This will facilitate our Customers to quantify the risks their IT infrastructure is exposed to and implement vulnerability mitigation strategies. With an all-new dashboard, we are representing end-to-end vulnerability management with Visibility, Detection, Prioritization, and Mitigation coming together in a unified console." With Cyber Hygiene Score, based on SecPod's in-house security intelligence and proprietary algorithm, SanerNow quantifies an organization's cyber hygiene and provides insight into your IT infrastructure. Further, in combination with a unified dashboard, SanerNow provides a holistic view of your organization's risk exposure to take effective laser-focused actions. The new update, SanerNow 6.0, with the new dashboard and Cyber Hygiene Score, is now available for the general public. SecPod SanerNow Advanced Vulnerability Management is a comprehensive cyberattack prevention platform providing visibility and control over IT infrastructure, detection and prioritization of vulnerabilities, and vulnerability remediation in a single unified console. About SecPod SecPod is a SaaS-based cybersecurity technology company created with a singular, unwavering goal of preventing cyberattacks. Founded in 2008, the company provides a top-of-the-line advanced vulnerability management solution that strengthens organizations' cybersecurity posture worldwide.

Read More

Data Security

Oracle Attempts to Design New Open Network and Data Security Standard

Oracle | September 20, 2023

Oracle to participate in an industry-wide initiative to design a new open network and data security standard. Oracle and Applied Invention are assisting to developing and promoting a novel network and data-centric security standard to tackle distributed cloud deployment challenges. This standard will enable organizations to protect their data throughout its entire lifecycle without requiring modifications to their distributed cloud environments' underlying architecture. Oracle, one of the world's largest database management companies, announced that it will participate in an industry-wide initiative to design a new open network and data security standards that will assist organizations in protecting their data in distributed IT environments. Oracle will collaborate with Applied Invention, a significant technology provider, and other industry leaders, including Nomura Research Institute, Ltd. (NRI), a global leader in consulting and system solutions. This new standard will enable networks to enforce shared security policies collectively, thereby augmenting the security architecture organizations already employ without requiring modifications to existing applications and networks. Oracle plans to launch the Oracle Zero-Trust Packet Routing Platform, based on the new standard, to support this new initiative. This platform will assist organizations in preventing illegal access or use of their data without imposing additional obstacles on legitimate activities. Executive Vice President of Security and Developer Platforms at Oracle Cloud Infrastructure, Mahesh Thiagarajan, said, Over the last 20 years, the cybersecurity industry has produced many incremental changes, but we need a fundamentally novel approach to protect our data in the increasingly complex cloud era. Organizations require a way to describe their data security policies in one place where they can be easily understood and audited, and they need a way to make sure those policies are enforced across their entire computing infrastructure, including their clouds. [Source – Cision PR Newswire] As the adoption of cloud technology rises and IT landscapes become more intricate with distributed cloud deployments, organizations face escalating challenges in safeguarding their data using conventional methods and tools. For example, many existing systems necessitate security teams to orchestrate disparate solutions across various facets, including database, application, network, and identity security. This complexity is further compounded when applied across diverse environments. Ensuring seamless collaboration among these solutions becomes a formidable task due to the dynamic and independent changes in applications, environments, and user profiles. Additionally, current security systems demand extensive configurations to accurately distinguish between different user categories, such as full-time employees and contractors, without compromising security or restricting access. Research Vice President of Cloud and Edge Infrastructure Services at IDC, Dave McCarthy, said, The new standard Oracle develop has the potential to change all of that by adding a unified layer of security on top of existing solutions. Building data protection policies into the network itself will assist users get the access they require while ensuring the data remains secure behind the scenes. [Source – Cision PR Newswire] Oracle and Applied Invention are assisting in designing and promoting a novel security standard, focusing on network and data-centric security, which aims to tackle these challenges. This innovative standard will empower organizations to safeguard their data across its entire lifecycle, including distributed cloud environments. To accomplish this, the standard will implement an intent-based security policy that is designed to be understandable, auditable, and interpretable by humans. This intent-driven approach will be put into practice at the network layer, ensuring that every data transmission contains authenticated attributes concerning the sender, receiver, and the nature of the data in transit.

Read More

More featured news