ArmorCode has launched AI Remediation in its ArmorCode ASPM Platform to help resolve security issues faster, put security expertise in the hands of developers, and reduce DevSecOps friction.
ArmorCode AI Remediation is a new capability and the second pillar in the ArmorCode AI-powered ASPM Platform, building on the AI Correlation capability. The ArmorCode ASPM Platform has now also surpassed 10 billion findings processed to power its AI solutions and insights. Driven by this volume, variety and user validation of data sources, ArmorCode’s AI capabilities together help developer and security teams uncover the risks that matter most to an organization and fix them faster, reducing mean time to remediation (MTTR).
“One of the challenges organizations face is empowering developers with guidance on how to remediate different vulnerabilities. Between our teams, we have to spend cycles identifying the right actions to remediate a given vulnerability, and that can take up valuable time,” said Dheeraj Khanna, VP-SRE, DevOps, and Cloud Product Security at NetApp.
“With the advent of new AI capabilities, there’s big potential in generating targeted and instructive remediation guidance, and that’s exactly what my team is exploring with ArmorCode’s new AI Remediation capabilities. We’re excited to see how we can further optimize and reduce friction in our remediation processes with ArmorCode,” Khanna continued.
Prior to ArmorCode AI Remediation, developers needed to manually determine how to address findings through their own research or by waiting for guidance from security teams, who spent their already limited time on providing remediation plans that were often complex or assumed existing knowledge. This led to significant wasted development time, limited potential remediation paths, and created friction between DevSecOps teams and slowed MTTR.
ArmorCode AI Remediation harnesses a custom, highly-trained large language model (LLM) trained on security vulnerabilities and potential remediation actions to generate a set of recommendations for a given finding, prioritized by the most meaningful and impactful approaches. The LLM is fully hosted within the ArmorCode environment and only persists for the duration of a session to protect proprietary data. The remediation actions enable developers to identify the right course of action for a given issue much faster and help security teams better scale and train developers.
“As the speed of software delivery and global cyberattacks increase in tandem, the role of developers in remediating application security issues has never been more important. However, asking them to just figure it out or wait on over-strapped security teams for guidance is no longer working,” said Nikhil Gupta, CEO of ArmorCode.
“It is time to democratize software security by harnessing AI to provide developers with remediation guidance and enterprise-grade security for modern security problems. ArmorCode AI Remediation, embedded in our AI-powered ASPM Platform, is putting security into developers’ hands and giving enterprises full control over their risk postures,” Gupta added.
Oftentimes, the person receiving remediation actions from their security tools struggles to figure out how to implement those suggestions, if actions are even provided in the first place. That person will receive an influx of data, but it typically does not boil down to a specific course of action they can clearly take. Where current remediation tools may not be concise or actionable, ArmorCode’s AI Remediation provides a consistent set of different potential courses of action to take, in order of priority, layering remediation guidance into tools that are not already equipped with it. This significantly lowers the barrier for an organization’s professionals to implement the advice they receive.
ArmorCode AI Remediation is also empowering enterprises across the globe to:
- Get the job done quicker. AI Remediation reduces MTTR and helps development and security teams get issues fixed faster.
- Put security expertise in developer hands. AI Remediation allows security teams to better allocate their expertise, reduce bottlenecks, and scale with the pace and size of development teams.
- Reduce wasted effort. AI Remediation increases the speed at which teams can determine the appropriate remediation action to take for a finding by automating the search for guidance on specific vulnerabilities.