printer friendly version

AI-enabled tools reducing time to value and enhancing application security

Next-generation AI tools are adding new layers of intelligent testing, audit, security, and assurance to the application development lifecycle, reducing risk, and improving time to value while augmenting the overall security posture.

This is according to Paul Meyer, Security Solutions Executive at iOCO, the only OpenText platinum partner in Africa.

Paul Meyer.

iOCO notes that OpenText has invested heavily in unlocking the potential of AI and large language models (LLMs) across its solutions portfolio. It has harnessed the power of AI in its application security solutions for more secure and compliant application development.

Meyer says two of the most exciting new AI-enabled solutions from OpenText are Debricked Open Source Select and Fortify Audit Assistant, which address the growing challenge of developing secure and reliable applications quickly.

Open Source Select controls security, compliance, and code health; continuously and automatically scanning code from open-source environments to identify, prevent and remediate vulnerabilities at source. Fortify Audit Assistant Gen2 is a machine-learning-assisted auditing solution that reduces noise and false positives, streamlines security and improves developer efficiency with over 98% accuracy.

Meyer says he recently introduced local enterprises to these new tools for more secure application development. The response was overwhelmingly positive.

“OpenText Fortify on-premises, hybrid, and on-demand solutions address key challenges in enterprise application development,” he says. Nowadays, everything is application-driven, and security has become an immense issue. OpenText is trusted for securing the software development lifecycle (SDLC), including static application security testing (SAST) and dynamic application security testing (SAST).”

Open Source Select addresses vulnerabilities that can occur when sourcing code from open-source projects. “Many developers copy and paste code from open-source projects to speed up development. The problem with this is that the code could be insecure and contain security vulnerabilities, backdoors, and malware. With state-of-the-art machine learning, Open Source Select scans the code and gives insight into the open-source community’s health status on specific projects. As the community updates and improves the code, the developer’s code matures with it.” Remediation also happens at the source; thus, identifying issues early in the SDLC mitigates time and development costs on postproduction fault finding.

Developers can research over 40 million open-source projects to make informed decisions and compare and evaluate open-source dependencies before selecting what to import into their codebase. Debricked also mitigates risks related to licencing, unsupported packages and decaying communities.

Audit Assistant Gen2 machine-learning-assisted auditing of SAST results offer a ‘birds-eye- view’ of the entire development estate. Launched earlier this year, Generation 2 of Audit Assistant builds on ten years of data from human experts and turns it into augmentative, predictive models that are significantly more accurate compared to the previous generation's models, reducing false positives by up to 90%.

The new generation iteration also learns from each company’s unique environment and remains sensitive to unique data privacy needs. It reduces the number of application security scan findings that require deep manual examination and the risk of human error and information analysis fatigue. The time required for human auditing before the results are actionable is significantly reduced, and it assists in prioritising relevant issues with confidence, much earlier in the SDLC.

“It highlights vulnerabilities, correlates data, and gives a view of the overall health status. With AI, it allows enterprises to set thresholds for acceptability in the knowns and unknowns, filters out problematic noise to give an overview of priority problems, and offers actionable remediation steps. It helps enterprises speed up development and produce better code,” confirms Meyer.

iOCO states that while cybercriminals harness AI, leading vendors such as OpenText are innovatively using AI technology to counter cyber risk. OpenText is a global market leader in information management and has been working in the AI arena for over a decade. The company is leading the way in using AI to be omnipresent in areas such as service management and security.

Find out more at iOCO, Heidi Ziegelmeier, +27 11 417 8594, heidi.ziegelmeier@ioco.tech, https://ioco.tech/

Share this article:

Further reading: