Endor Labs and seven other organizations have launched Opengrep, a new open-source project aimed at ensuring accessibility and innovation in static code analysis for application security. The ...
CodeRabbit's $60M funding highlights enterprise need for AI code review platforms, with organizations seeing 25% efficiency ...
Persistent open source security concerns. Why developers need to improve at keeping open source components up-to-date. The need for a Software Bill of Materials (SBOM) for software supply chain ...
Security researchers at Apiiro have released two free, open-source tools designed to detect and block malicious code before it is added to software projects, with the aim of curbing supply chain attacks. The two ...
CodeRabbit combines code graph analysis and the power of large language models to identify issues in pull requests and suggest improvements, or even generate those improvements in a new branch. Code ...
Static code analysis and bug detection are integral to modern software engineering, providing a systematic approach to identify defects and security vulnerabilities without executing the code. By ...
Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...
In the year 2025, as AI Agents transition from laboratory experiments to enterprise applications, the RAG ...
The high cost of finding and patching application flaws is well known. Wouldn’t it be cheaper to write secure code in the first place? One of the fastest growing areas in the software security ...
CITIC Bank recently obtained a patent titled "A Method and System for Generating Open Source Vulnerability Repair Solutions Based on LLM," which was authorized in July 2024. This initiative marks an ...
A few days ago, I showed you an amazing new ChatGPT feature available to paying users. Plus, Pro, and Team tier users can now point Deep Research at an entire GitHub repo and get back analysis reports ...