Scribe Security, a leading provider of a continuous assurance platform for software supply chain, is thrilled to announce the early availability launch of its innovative AI-based AppSec chatbot. This unique tool is designed to help customers efficiently manage their product security challenges, including application security (AppSec) and development security operations (DevSecOps).
Also Read: DevSecOps Tools for CIOs in 2024
“Our customers use Scribe to generate and gather extensive security-related information about their software artifacts, CI/CD pipelines, and SDLC processes,” explains Danny Nebenzahl, CTO of Scribe Security. “We help them make sense of this data and derive actionable insights with BI-based data mining and rich analytics. Our next step was to incorporate AI capabilities, creating a ‘Co-pilot for AppSec’ that can answer questions in natural language and provide immediate responses without needing to search through tables and graphs. For instance, it can alert users to new risks in their products, like critical vulnerabilities or CI security gaps such as expired tokens, and assist in prioritization and remediation.”
Scribe Security’s platform is renowned for generating unique security data through a suite of collectors embedded into CI/CD pipelines, creating signed attestations of the product’s provenance, integrity, security posture, SBOM, vulnerabilities, and compliance. These data points form an interconnected evidence graph, which narrates the complete lifecycle of the code at every stage. Additionally, it maps the software factory’s assets and tracks the lineage from code to cloud.
Also Read:Â Rethinking Business Intelligence: 3 Imperatives for CEOs
The newly introduced AI-AppSec chatbot, named Heyman—after King Solomon’s wisest advisor—is natively integrated into Slack, providing security engineers with quick access to relevant data, enabling faster understanding and prompt reaction to security issues.
“It’s like having an intermediate security engineer embedded in your team,” says Rubi Arbel, CEO of Scribe Security. “Heyman helps prioritize and remediate DevSecOps
misconfigurations and AppSec tasks, such as addressing vulnerabilities and policy violations. The bot offers an efficient way to query your software’s security attestations, allowing you to tackle the hard work faster. This innovation can save significant time and money in a market constantly facing talent shortages.”
Heyman is currently available as an early-access Slack bot exclusively for Scribe’s existing customers. Customers use the Scribe software supply chain platform to generate and collect software security attestations, which serve as the foundation for Heyman’s assistance.
Also Read: Intel’s Lunar Lake Processors: Arriving Q3 2024
[To share your insights with us as part of editorial or sponsored content, please write to psen@itechseries.com]