Cycode Ltd. today introduced a set of new features designed to help development teams ensure that their code is secure.

The enhancements are rolling out for the company’s flagship ASPM, or application security posture management, platform. It helps developers scan new software for vulnerabilities before releasing it to production. Cycode spots issues across custom code, application components downloaded from open-source repositories and configuration scripts.

The company has built up a user base that includes Broadcom Inc., PayPal Holdings Inc. and other major tech firms. It raised about $80 million from investors along the way.

The first addition to Cycode’s platform is a collection of artificial intelligence agents called AI Teammates. According to the company, the agents can automate common cybersecurity tasks to save time for developers.

The first automation tool in the AI Teammates lineup is the Change Impact Analysis Agent. When developers update a code repository, the tool automatically scans the modifications to determine whether they may create new cybersecurity risks. 

Software teams can also search for risks manually using the second AI agent included in the update. According to Cycode, the Risk Intelligence Graph Agent makes it possible to scan for cybersecurity issues using natural language prompts. A developer could, for example, ask the tool to check whether a code repository contains any open-source modules with known vulnerabilities.

The Risk Intelligence Graph Agent is powered by a data management system called RIG that Cycode ships with its platform. The system collects information about code vulnerabilities and the configuration of a company’s development environment. When Cycode finds a vulnerability, RIG can surface related details such as the development team responsible for fixing it. 

Cycode’s third new AI agent is known as the Exploitability Agent. There are situations where a vulnerability represents a risk in theory but can’t be used to launch cyberattacks in practice, for example because the system it affects isn’t connected to the internet. Exploitability Agent automatically checks whether a vulnerability can cause a breach to help developers prioritize their remediation efforts.

Rounding out the AI Teammates lineup is the Fix & Remediation Agent. It generates suggestions on how to fix insecure code.

The AI features are rolling out alongside an update to CI/MON, a tool that Cycode ships with its platform to help secure CI/CD pipelines. Those are the automated workflows that companies use to release code to production. CI/MON collects data about breach attempts using eBPF, an open-source technology that turns the Linux kernel into an observability tool.

Cycode has upgraded CI/Mon with a runtime memory protection feature. The capability prevents malware from stealing data during the build process, the phase of a software rollout when code files are turned into a functioning application. The feature does so by restricting access to a part of Linux that allows one process to download data from another process’s memory.

The memory protection feature in CI/MON is available immediately. Cycode plans to start rolling out its new AI agents later this month.

Photo: Unsplash