TL;DR:
- OpenText introduces updates to its static analysis tool, Fortify Audit, at the Security Summit 2024 conference.
- The latest version incorporates additional AI models for deeper insights into custom source code attributes.
- Features include automatic model refresh to detect and address drift, with quarterly updates pledged by OpenText.
- Fortify Audit Assistant now supports over 30 language-specific models, enhancing testing performance.
- Dylan Thomas, Senior Director at OpenText Cybersecurity, emphasizes the tool’s role in safeguarding on-premises data and streamlining alert management for DevSecOps teams.
- The tool helps identify non-vulnerable test code and prioritize remediation efforts efficiently.
- Amidst tightening regulatory mandates, organizations are urged to adopt robust DevSecOps practices to fortify software supply chains effectively.
Main AI News:
In a move to bolster source code auditing capabilities within on-premises IT landscapes, OpenText has unveiled advancements to its static analysis tool, leveraging machine learning algorithms for deeper insights.
Unveiled during the prestigious OpenText Security Summit 2024, the latest iteration of Fortify Audit introduces an array of additional artificial intelligence (AI) models engineered to grasp the intricacies of bespoke source code. This enhanced version of Fortify Audit Assistant not only incorporates the capability to detect model drift but also facilitates automatic refreshes when deemed necessary, with OpenText committing to quarterly model updates.
Distinguished by its discriminant AI model, OpenText empowers machine learning algorithms to assimilate the methodology behind human-driven application audits, enabling analogous assessments across diverse applications. Previously reliant on a uniform core model for auditing both on-premises and software-as-a-service (SaaS) applications, Fortify Audit Assistant now boasts support for over 30 language-specific models, thereby amplifying testing efficacy.
Dylan Thomas, Senior Director for Fortify Engineering and Product at OpenText Cybersecurity, underscores the significance of safeguarding sensitive data within on-premises environments. This strategic emphasis aligns with the overarching objective of rationalizing the plethora of alerts inundating DevSecOps teams, facilitating expedited issue resolution by pinpointing root causes efficiently.
Thomas emphasizes the utility of Fortify Audit Assistant in identifying non-vulnerable test code, which was never operationalized in a production setting, thereby enabling DevOps teams to prioritize remediation efforts judiciously. By harnessing a lightweight AI model that seamlessly integrates comprehensive source code scanning capabilities, organizations can navigate the intricate landscape of application security with agility and precision.
In light of evolving regulatory mandates surrounding software supply chain integrity, organizations are compelled to fortify their defenses against emerging threats. As the repercussions of audit failures escalate, fueled by regulatory scrutiny, organizations are urged to embrace robust DevSecOps practices to fortify their software supply chains effectively.
While the extent of adoption of DevSecOps practices remains ambiguous, advancements in AI and automation promise to bolster vulnerability detection mechanisms, preempting potential exploits before they materialize in production environments.
Though securing production environments remains imperative, the prevalence of subpar development and deployment practices underscores the imperative of transitioning towards DevSecOps paradigms. Amidst the prevailing cybersecurity landscape, characterized by escalating threats, organizations must proactively fortify their defenses to thwart increasingly sophisticated cyber adversaries.
Conclusion:
OpenText’s advancements in AI-driven source code auditing signify a proactive approach towards bolstering cybersecurity in an increasingly complex digital landscape. As regulatory scrutiny intensifies, organizations must embrace innovative solutions like Fortify Audit to fortify their software supply chains and mitigate emerging threats effectively. This underscores the burgeoning demand for sophisticated cybersecurity tools and underscores the imperative for organizations to invest in cutting-edge technologies to safeguard their digital assets.