Black Duck’s Signal uses agentic AI to detect and fix software vulnerabilities in real time across code and supply chains.
Black Duck Software launched ‘Signal,’ an innovative agentic AI solution designed to secure software development workflows fueled by AI coding assistants. Signal integrates advanced multimodel LLMs with two decades of Black Duck’s security intelligence to autonomously identify, prioritize, and remediate vulnerabilities across source code, binaries, supply chain components, and running apps. Its real-time incremental analysis delivers immediate security insights as developers create or modify code. Signal directly integrates with popular AI coding assistants such as Google Gemini and GitHub Copilot, embedding security into AI-powered development cycles without slowing progress. Additionally, it uses role- and task-specific AI agents to automate complex security workflows and detect sophisticated risks, including business logic flaws beyond traditional scanning techniques. Automated remediation provides verified code fixes and library patches, further accelerating secure software delivery. Signal exemplifies how AI and security can co-evolve, delivering protection that keeps pace with the accelerating AI-driven software development paradigm.
Source: SiliconANGLE