Glog project is focused on research and development of the solution that is able to give remediation advice for security vulnerabilities in software code based on context or, even more, to automatically fix the security vulnerabilities in the code. We are developing such a solution based on machine learning and AI. Agility in software security is becoming a reality.
It’s estimated that 90 percent of security incidents result from attackers exploiting known software security vulnerabilities. Resolving those issues early in the development phase of software could reduce the information security risks facing many organizations today. A number of technologies and tools are available to help developers catch security flaws before they’re baked into a final software release. They include SAST, DAST, IAST, and RASP.
However, you develop your software and scan it for security vulnerabilities with static, dynamic, interactive (SAST, DAST, IAST) or other application security testing methodologies and tools. They report a number of potential security vulnerabilities, which your developers and other teams need to analyze and fix the code. Then you re-scan, find some old and some new vulnerabilities, then remediate again… This takes a lot of time, creates friction between teams and jeopardizes your delivery timelines. If you deliver and deploy vulnerable code that can be breached, the damage could be huge and your reputation ruined.
Sounds familiar, doesn’t it?
Now imagine a solution that is able to give remediation advice based on context or, even more, to automatically fix the security vulnerabilities in your code without bothering your development teams. Sounds interesting?
We are developing such a solution based on machine learning and AI. Agility in software security is becoming a reality.
I came up with idea and proposed way to create solution couple of years ago. It has been my “side project” as inventor of idea and project lead for period of time. Project is based on my experience, knowledge and expertise in the field. Now, this is going from scientific and academic research, to work toward practical implementation with PoC.
Team, working on this project, is international with mix of industry professionals, innovators and scientists which have deep knowledge and experience in software development, cybersecurity, specifically in application and software security, as well as in machine learning. It was stealth R&D project so far and going to “visible phase” now.
In parallel, we are looking to get funding and partners.
Interested in to learn more about Glog, to invest, contribute in R&D, do business or be a partner? Please contact me.