SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers

AI-powered code checker launched to tackle security flaws

Thu, 17th Apr 2025

Symbiotic Security has released version 1 of its code checker assistant, a tool designed to detect security vulnerabilities in real-time and provide fixes along with advice within developers' coding environments.

The product is built to address security threats as they arise, using artificial intelligence to check both human-written and AI-generated code for potential issues while aligning with existing development workflows. The tool aims to eliminate the trade-off between code security and development speed by integrating its checking features directly into integrated development environments (IDEs). This integration enables developers to receive secure code suggestions, review AI-generated fixes, and skip manual code reviews focused solely on security.

Symbiotic Security's version 1 leverages an AI model that has been trained on a proprietary, security-specific, and verified dataset. According to the company, this approach differentiates it from models trained on more general code datasets, allowing for faster and more precise detection of vulnerabilities specific to security concerns.

The product also includes an embedded AI chatbot designed to deliver contextual explanations, training, and recommended remediation strategies when vulnerabilities are detected. Developers can engage with the chatbot for tailored recommendations that address both the vulnerabilities and secure coding practices relevant to their current work.

Industry research highlights the increasing risk posed by AI-generated code. A study conducted by Stanford University found that developers using AI code assistants produced more insecure code, while often being overly confident in its security. Further analysis from Wuhan University found security vulnerabilities in 32.8% of Python and 24.5% of JavaScript code snippets generated by the GitHub Copilot AI assistant, underscoring the importance of rigorous checks for AI-created code.

Jerome Robert, Co-Founder and Chief Executive Officer of Symbiotic Security, said, "Now developers don't have to choose between security and speed. By addressing vulnerabilities early with AI technology that identifies and fixes security issues automatically and in real-time as code is drafted, developers are able to ship secure software faster while avoiding costly security incidents. We've seen clear results – our customers have completely avoided an average of more than 50 vulnerabilities per user, which have been detected and remediated locally."

Branden Wagner, Head of Information Security at Mercury, commented on the benefits of the new tool, stating, "Security and privacy aren't just checkboxes for us, they're the foundation of trust with our customers. Symbiotic Security has helped us take that commitment even further, strengthening our infrastructure with more proactive defenses. Avoiding vulnerabilities through early remediation and training fundamentally changes how security is applied and perceived by developers, aligns with our shift-left vision, and gives our clients the confidence in knowing security is built into everything we do."

Among its core features, Symbiotic Security version 1 provides automatic AI remediation by suggesting secure code replacements as soon as a problem is detected. These suggestions can be applied directly or modified by the developer. The real-time AI training aspect allows developers to learn about security concerns immediately and within the context of the code they are working on.

The AI chat tool enables developers to explore vulnerabilities, alternative secure coding strategies, and discuss optimised solutions tailored to their needs. This immediate feedback loop is designed to promote learning and the adoption of security best practices without interrupting the development workflow.

Edouard Viot, Co-Founder and Chief Technology Officer at Symbiotic Security, said, "Making security a positive experience for developers is key to growing their cyber judgement and knowledge. By integrating AI-powered training into their workflow and using their current work as the reference point, developers learn in a way that's impactful, helping them better understand and resolve security vulnerabilities without disrupting productivity."

By embedding its AI-powered detection and remediation capabilities directly into the software development lifecycle, Symbiotic Security version 1 aims to ensure that vulnerabilities are addressed early, reducing the risk of issues in released code and minimising technical debt accrued from unresolved security flaws. The intent is to enable development and security operations teams to resolve security risks as part of their existing processes, eliminating the need for after-the-fact interventions or manual reviews focused on software vulnerabilities.
