Benjamin Bales, Co-Founder & CTO
In today’s digital world, enterprises need to move with incredible speed to get a competitive edge on their product offerings and solutions that are primarily defined by software. However, in recent years, enterprises have become increasingly concerned about the growing threat of cybersecurity. According to a recent report by Cybersecurity Ventures , 111 billion new lines of code were produced in 2017, introducing a massive amount of vulnerabilities that could be exploited by hackers. Constant innovation and “hardening” of new and legacy applications against cyber threats is a modern day reality that every enterprise is faced with.
DevOps teams typically combat these issues with a suite of AppSec tools that help them to remediate vulnerabilities in the code. However, many of them have noted that while these tools are assisting them to produce better software, they introduce inefficiencies into the software testing process, which impact the overall development velocity of the project. The problem with AppSec tools today is that they produce too much noise. The existing technologies for noise reduction typically don’t scale well to large code bases, making them less useful to DevOps teams. However, modern AI technologies have the power to circumvent the existing technological limitations—enabling DevOps team to maintain a higher development velocity while hardening their applications to cyber threats.
QbitLogic, a quantum software company, developed the world’s first AI-powered AppSec product—CODEAI—to assist DevOps teams in hardening their applications against known cyber threats. The US based security company develops advanced AppSec tools using state of the art AI technologies. These tools enable their customers or any software enterprise to increase the protective coverage of their application portfolio at a higher pace and at a much lower cost.
QbitLogic is the first company
in the world that built an AI that
QbitLogic’s tools are designed to facilitate comprehensive application security testing and generate a list of actionable solutions to detected issues, which mitigates precious time spent generating solutions manually. CODEAI’s smart denoising algorithms separate real security threats from the false positives. The smart, real-time learning algorithms acquire knowledge from the previous sessions to improve performance in the future ones. CODEAI helps to not only harden the attack surface of the application portfolio against cyber threats but also significantly increase the overall development velocity of the teams that use it.
The CODEAI solution has been gaining tremendous traction in a broad set of industries, including automotive, banking, IoT, aerospace, and defense. Recently, a large autonomous vehicle company used CODEAI on an extensive and continuously expanding portfolio of software applications. They were able to remediate hundreds of attack vectors in their application. What usually takes months to accomplish took days with CODEAI and without hiring more people. CODEAI is available as a cloud-based service for open source projects and can be deployed on premise for commercial customers. The cloud-based service has been used by some very famous open source software projects that top ten industries rely on. It hardened over 50 projects and remediated over 3000 vulnerabilities in code, estimating close to 2000 development hours saved.
QbitLogic is the first company in the world that built an AI which understands code. The enterprise plans on incorporating AI technologies throughout the software development life cycle (SDLC), including SAST, DAST, and continuous integration (CI). The use of AI can substantially improve AppSec tool suites that in turn impact the quality and security of your code base while simultaneously increasing the overall development velocity. QbitLogic will also be releasing an entire suite of AI-powered AppSec solutions for DevOps by the end of this year, to provide its customers with a unique competitive edge in the game of cybersecurity.