The machine learning technology can cut down time to review findings by thousands of days
NORTHPORT, N.Y. – July 21, 2020 – Code Dx, Inc., a provider of an award-winning application security workflow management solution that automates and accelerates the discovery, prioritization, and risk assessment of software vulnerabilities, today announced the release of Triage Assistant, a machine learning technology designed to drastically reduce one of the most prevalent issues in software security today: time lost reviewing massive amounts of false positives and other insignificant findings.
According to NIST, 66% of findings from application security testing tools are irrelevant, being either false positives or insignificant to an organization. Running just one software application through a single testing tool produces approximately 10,000 findings, and the average finding takes 10 minutes to review. This adds up to 132 days spent reviewing irrelevant findings for only one application and one testing tool. Many enterprises manage hundreds of applications and use a variety of testing tools, causing them to lose thousands of hours reviewing irrelevant findings.
Triage Assistant solves this problem by automatically recommending which findings to act on and which ones to ignore, based on prior triage decisions made for similar warnings. Triage Assistant trains on your specific data, so it is tailored to your organization and can be deployed across all your tools and applications. It is also deployed completely on-premise, within your firewall, removing any concerns about sensitive data being exposed.
“The release of Triage Assistant is an important step for Code Dx as we continue to build on the industry’s first end-to-end AppSec automation platform,” said Code Dx Chief Technology Officer, Ken Prole. “Large enterprises are increasingly struggling with the issue of false positives and miscellaneous ‘noise’ due to the rapid pace of today’s software development lifecycle. Triage Assistant serves as an essential lifeline for them.”
Triage Assistant empowers organizations to scale their software security programs efficiently and cost-effectively without adding resources to filter through an unmanageable number of false positives and other immaterial findings.
Triage Assistant is available as part of Code Dx Enterprise and Enterprise Pro. To book a demo or learn more, please contact Code Dx at (631) 759-3993 or [email protected]
About Code Dx
Code Dx is an Application Security Orchestration and Correlation (ASOC) system that automates the resource-intensive workflows of finding, analyzing and remediating software application vulnerabilities—at DevOps speed. It provides a centralized platform to manage software vulnerabilities, from initial testing through remediation, and continuously assess security risks throughout the software development lifecycle. Its reports and metrics for tracking software security processes over time serve as an organization’s AppSec System of Record. For more general information, please contact Code Dx at (631) 759-3993 or [email protected].
All trademarks, trade names, service marks, and logos referenced herein belong to their respective parties.