Black Duck® Software, Inc., a global leader in application security solutions, has released significant updates to its AI-powered application security assistant, Black Duck Assist™. The updated tool, now integrated into the company's Code Sight™ IDE plugin, introduces automated security scanning for both AI-generated and traditional code, offering AI-driven code fixes within developer environments.
These enhancements ensure developers have seamless protection of their application code, with Black Duck Assist scanning code in real-time for security vulnerabilities and potential IP violations as it's written or generated. This proactive approach allows developers to address issues promptly, ensuring compliance and security before moving on to subsequent tasks.
Moreover, Black Duck Assist equips developers with AI-generated vulnerability summaries, code analyses, and code fix recommendations, all without leaving their development environment. This facilitates a more efficient workflow by eliminating the need to switch tools or engage external security experts, streamlining the process of delivering secure and compliant code.
The tool's compatibility now extends beyond traditional IDEs like Eclipse, IntelliJ, and Visual Studio, to also include AI code editors such as Cursor and Windsurf. This broadened scope ensures developers can securely incorporate AI-generated code from platforms like GitHub CoPilot and Claude Code.
In a further enhancement, Black Duck Assist supports natural language queries on both its IDE and the Polaris™ platform. Users can access project statistics, review testing results, identify trends, and obtain answers on product configurations.
"These advancements underscore Black Duck's commitment to harnessing the power of AI to enhance our products and help our customers securely and confidently embrace the benefits of AI-augmented development," said Dipto Chakravarty, Chief Product and Technology Officer at Black Duck. "By extending Black Duck Assist directly into the developer's workflow, we empower them to build secure software faster and more efficiently than ever before."