Developers working with the Qwiet AI platform will soon receive suggestions for improvement when the AI finds incorrect or vulnerable code. This new feature, called AI Autofix, should save an incredible 95 percent of time. In other words, if this works as well as Qwiet claims, developers will only have to spend their time on real challenges.
The platform was previously capable of detecting vulnerabilities, which was an important reason to use it in the first place. But with AI AutoFix, developers will immediately receive one or more suggestions for fixing vulnerabilities. Instead of just telling developers there is a problem, AI AutoFix proactively analyzes the code and offers solutions immediately. This should save developers a lot of time and effort.
AI AutoFix generates contextual code suggestions based on the operation of the application being worked on. The AI also looks at previous fixes for similar vulnerabilities. As a result, the suggested fixes are not only secure but also take into account the specifics of the application’s code and architecture. According to Qwiet, this offers an efficiency gain and reduces the risk of introducing new problems during the repair process.
Tip: Devin is the first AI software engineer: should developers be worried?
Analysis and alternative within 90 seconds
The smart assistant uses Qwiet’s proprietary method of analyzing an application’s Code Property Graph (CPG). This provides the tool with deep insight into potential vulnerabilities, the data flow and structure of the code.
When presented with this processed info, the developer is better equipped to fix the security or other issues found. Whether the developer uses the suggested code or not is up to them. According to Qwiet, this process usually takes no more than 90 seconds per case.
Qwiet AI’s platform is modular, meaning Qwiet has not pinned itself down to using one specific AI model. If future developments compel the company to switch models, that’s possible. That doesn’t apply to customers; they use whatever model Qwiet chooses.
‘Attacks start with insecure code’
“All cyber attacks start with insecure code,” believes Qwiet CEO Stuart McClure. He hopes his company’s innovation will become the standard for application security, significantly improving the efficiency and effectiveness of software development.
“Tremendous strides have been made by the industry in identifying vulnerabilities in code earlier in the software development cycle, however addressing these vulnerabilities has historically been a time-consuming process,” he continues. “With AI AutoFix, Quiet AI is taking the first meaningful step toward eliminating security vulnerabilities as we identify them.”
Qwiet AI (formerly ShiftLeft) aims to simplify AppSec and DevSecOps by using AI to detect and now proactively fix zero-day and pre-zero-day vulnerabilities in code. The underlying AI comes from NumberOne AI. The San Jose-based company has received capital contributions from SYN Ventures, Bain Capital Ventures, Blackstone, Mayfield, Thomvest Ventures and SineWave Ventures.
Also read: GitHub Copilot Workspace: will AI replace software engineers?