Larkin wrote in an article published on Carahsoft.com how tools built on the generative pre-trained transformer technology like Veracode Fix could help software developers learn security techniques.
“It takes the next step from scanning code for flaws and vulnerabilities to showing developers how to fix the code before deploying it in an application,” he said of Veracode Fix.
Larkin explained how the company trains a model by identifying flaws through a scan, recognizing what type of flaw, mapping the code to known bad vulnerabilities and matching the bad code with good patches.
He discussed the company’s use of a “supervised learning model on a curated dataset” while meeting the government’s modernization and security requirements without relying on customer code references for future fixes.
“The approach ensures that we can provide our government customers with reliable fixes they can easily implement,” Larkin added.
The Department of the Army has issued a presolicitation notice for a potential $270 million multiple-award indefinite-delivery/indefinite-quantity contract that would…
Ignacio “Iggy” Alvarez has been promoted to executive vice president and general manager, Air Force at Astrion. The Huntsville, Alabama-based company said…
