OpenText, a Canadian information management company, recently introduced Fortify Aviator, an AI-powered code security solution designed to streamline the process of identifying and fixing code vulnerabilities.
This new tool aims to reduce the time developers spend on static application security testing (SAST) by integrating advanced AI capabilities directly into their workflows. Fortify Aviator uses LLMs and OpenText’s extensive experience in the SAST market to offer a combination of deep, accurate scans and rapid remediation.
The tool is designed to improve security accuracy by more precisely identifying true vulnerabilities and explaining false positives, thus reducing the time developers spend on manual validation. Additionally, it provides fully contextualised remediation suggestions, helping developers quickly fix code issues without extensive research and context-switching.
What is Code Security, and Why is it Important?
Code security refers to embedding security measures directly into the code during the development process. This practice is crucial for protecting intellectual property and preventing tampering or theft of code.
This tool is designed to improve security accuracy by more precisely identifying true vulnerabilities and explaining false positives, thus reducing the time developers spend on manual validation.
By leveraging AI, Fortify Aviator aims to enhance the accuracy of vulnerability detection and provide developers with actionable insights, thus reducing the noise of false positives and non-critical issues.
The introduction of Fortify Aviator comes at a time when AI is increasingly being integrated into DevSecOps practices. AI technologies are being leveraged to enhance various aspects of DevSecOps, including threat intelligence, vulnerability management, automated testing, behaviour analysis, and incident response.
Unlike competitors such as Checkmarx and Veracode, Fortify Aviator differentiates itself through advanced AI that provides contextualised fix suggestions directly within the developer’s workflow, reducing the time spent on manual validation and remediation
Despite the benefits, the adoption of AI in code security is not without challenges. According to a recent report, 80% of data experts believe that AI exacerbates data security challenges, with concerns around the inadvertent exposure of sensitive data by AI models and adversarial attacks by malicious actors. Additionally, 57% of respondents have seen a significant increase in AI-powered attacks in the past year.
