Veracode Acquires ML-Powered Vulnerability Remediation Technology From…

On the heels of our significant growth investment from TA Associates, we are pleased to announce our acquisition of auto-remediation technology from Jaroona. Jaroona’s intelligent remediation technology accelerates Veracode’s vision and strategy to automatically detect and remedy software vulnerabilities. Jaroona was recognized as a Gartner Inc. 2021 Cool Vendor for DevSecOps1.

Accelerated development practices and software dependencies have increased the software attack surface exponentially, placing a greater strain on development and security teams to ramp up security awareness and skills as well as find and fix flaws across an evolving technical environment. This investment will allow us to offer a unique benefit to our customers, leveraging our collective knowledge over nearly two decades of helping customers find and fix security flaws. This milestone is yet another step toward our vision to deliver a frictionless experience for developers to find and fix security flaws, enabling them to work together with their security teams to build and deploy software quickly and securely.

With this added technologywe will be able to incorporate intelligent remediation capabilities across our platform more rapidly, propose more advanced code fixes, and expand support for traditional and cloud-native programming languages ​​and frameworks. We will initially provide suggested code flaw fixes with suggestions ranked by relevancy and frequency of use by other developers who fixed similar vulnerabilities.

Upon initial launch, which we expect later this year, the technology will be embedded into Veracode Static Analysis (SAST) and will be fully available to integrate directly into the CI / CD pipeline. As flaws are identified and fixes are proposed, developers can review proposed changes prior to merging remediations as part of their normal code review process.

Enabling developers to fix flaws in their code more quickly will go a long way toward helping security and development teams balance a common business tradeoff today, speed versus risk. Development teams that spend a lot of time manually remediating code will be more efficient through the use of this capability. Reducing even a portion of that work with an auto-remediation solution that provides patches for frequently detected flaws can recapture developer time and reduce the overall cycle time for delivery.

As we continue to innovate around this important new capability, we will bring the benefits of intelligent remediation to our entire portfolio of software security solutions, spanning custom and open-source code across our customer’s traditional and cloud-native technologies.

We hope you are as excited as we are about the promise of this new technology and the benefits that it will bring to your organization. Keep an eye out for upcoming updates.

Source

On the heels of our significant growth investment from TA Associates, we are pleased to announce our acquisition of auto-remediation technology from Jaroona. Jaroona’s intelligent remediation technology accelerates Veracode’s vision and strategy to automatically detect and remedy software vulnerabilities. Jaroona was recognized as a Gartner Inc. 2021 Cool Vendor for DevSecOps1.

Accelerated development practices and software dependencies have increased the software attack surface exponentially, placing a greater strain on development and security teams to ramp up security awareness and skills as well as find and fix flaws across an evolving technical environment. This investment will allow us to offer a unique benefit to our customers, leveraging our collective knowledge over nearly two decades of helping customers find and fix security flaws. This milestone is yet another step toward our vision to deliver a frictionless experience for developers to find and fix security flaws, enabling them to work together with their security teams to build and deploy software quickly and securely.

With this added technologywe will be able to incorporate intelligent remediation capabilities across our platform more rapidly, propose more advanced code fixes, and expand support for traditional and cloud-native programming languages ​​and frameworks. We will initially provide suggested code flaw fixes with suggestions ranked by relevancy and frequency of use by other developers who fixed similar vulnerabilities.

Upon initial launch, which we expect later this year, the technology will be embedded into Veracode Static Analysis (SAST) and will be fully available to integrate directly into the CI / CD pipeline. As flaws are identified and fixes are proposed, developers can review proposed changes prior to merging remediations as part of their normal code review process.

Enabling developers to fix flaws in their code more quickly will go a long way toward helping security and development teams balance a common business tradeoff today, speed versus risk. Development teams that spend a lot of time manually remediating code will be more efficient through the use of this capability. Reducing even a portion of that work with an auto-remediation solution that provides patches for frequently detected flaws can recapture developer time and reduce the overall cycle time for delivery.

As we continue to innovate around this important new capability, we will bring the benefits of intelligent remediation to our entire portfolio of software security solutions, spanning custom and open-source code across our customer’s traditional and cloud-native technologies.

We hope you are as excited as we are about the promise of this new technology and the benefits that it will bring to your organization. Keep an eye out for upcoming updates.

Source

More from author

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Related posts

Advertismentspot_img

Latest posts

Senators Urge FTC to Probe ID.me Over Selfie Data – Krebs on Security

Some of more tech-savvy Democrats in the U.S. Senate are asking the Federal Trade Commission (FTC) to investigate identity-proofing company ID.me for “deceptive statements”...

Personal Information of Nearly Two Million Texans Exposed

The personal information of nearly two million Texans was exposed for nearly three years due to a programming issue at the Texas Department of...

Critical VMware Bug Exploits Continue, as Botnet Operators Jump In

Recently uncovered VMware vulnerabilities continue to anchor an ongoing wave of cyberattacks bent on dropping various payloads. In the latest spate of activity,...

Want to stay up to date with the latest news?

We would love to hear from you! Please fill in your details and we will stay in touch. It's that simple!