As we enter a new chapter in application security, it is worth understanding how AI and machine learning can deliver deeper insight into vulnerabilities than older detection methods, in particular by distinguishing the vulnerabilities an application can actually reach from those it merely carries. In this article we cover the following:

  • The risk of using vulnerable dependencies, whether pulled in directly or transitively
  • Why not every reported vulnerability in a dependency poses real risk to the application that includes it
  • How shallow analysis by security vendors (matching package names and versions without looking at how the code is used) produces large numbers of false positives
  • A motivating example (CVE-2021-29425)
  • How Code Graph aided by Mach