Black Duck today announced the launch of Black Duck Signal, a new agentic AI platform designed to secure software at the same speed it's now being developed with AI coding tools.
As AI-driven development accelerates, traditional security testing methods have struggled to keep pace. Black Duck Signal aims to bridge that gap by combining 20 years of the company's software security expertise with large language model (LLM)-powered software analysis to autonomously detect and remediate vulnerabilities across source code, binaries, supply chain components, and running applications.
The rise of AI coding assistants and autonomous agent workflows has transformed how software is built. However, it has introduced new challenges in ensuring the security of AI-generated code. Signal is purpose-built for this era, working natively within AI-enabled development environments to identify, prioritise, and fix vulnerabilities in real time.
Unlike generic AI tools, Signal blends advanced multi-model LLM technology with human-labeled application security intelligence from the Black Duck KnowledgeBase, a vast repository built over years of analysis of both open-source and commercial software. The result is a system that provides accurate, context-aware insights without the noise, hallucinations, or false positives that often plague automated code analysis.
Signal's agentic architecture allows both developers and security teams to work more efficiently by integrating directly with AI coding assistants such as Google Gemini, GitHub Copilot, Claude Code, and Cursor, as well as with other Black Duck security products. The platform's real-time analysis capabilities allow it to scan new and modified code as it's written, ensuring continuous security without slowing down the development process.
“AI is revolutionizing how software is built—and with Signal, Black Duck is redefining how you secure it by completely eliminating the noise of legacy tools,” said Jason Schmitt, CEO of Black Duck. “Developers are moving faster than ever, embracing AI to build and ship software at unprecedented speed. Signal is the first programming language-agnostic security analysis product to combine the power of LLM-based code analysis with petabytes of human-labeled security data curated over our decades of analysing real-world commercial and open-source software. Signal is designed to give developers the clarity, confidence, and control they need to innovate securely—without slowing down.”
In addition to real-time code analysis, Signal automates the remediation process with verified code fixes and library patching, reducing manual effort while maintaining developer control. It also brings advanced exploitability analysis to reduce alert fatigue and focuses attention on the vulnerabilities that matter most. Beyond traditional vulnerability scanning, Signal's AI-driven detection of business logic flaws gives teams visibility into application-level zero-days that typically evade rule-based systems.
The post Black Duck launches Signal™, bringing agentic AI to application security appeared first on IT Security Guru.









