DEVOPSdigest

Backslash Security(link is external) introduced its Fix Simulation and AI-powered Attack Path Remediation capabilities.

The new features equip security teams and developers with enhanced remediation guidance that is safe, secure and in the relevant context of the given application, ensuring that critical vulnerabilities can be fixed without introducing new risks.

Fix Simulation addresses a pervasive pain point faced by AppSec teams and developers: any version upgrade can introduce new risks due to unforeseen code dependencies, undoing progress and placing teams back at square one. Backslash Fix Simulation addresses this issue by simulating multiple fix options and demonstrating the resulting security posture for each one. This enables developers to save time, choose the best option, take multiple considerations into account including those unrelated to security, and avoid introducing new risks while addressing security issues.

Attack Path Remediation integrates with LLMs to give developers highly contextual guidance on code vulnerability remediation, while ensuring source code stays confidential. Drawing from the comprehensive contextual insight generated via Backslash reachability analysis, the platform produces safe and secure remediation guidance. By using code metadata from Backslash scans such as technology stacks and frameworks without sharing any code snippets, organizations can leverage LLM technology while protecting against data leaks and maintaining code privacy.

“We finished the first half of the year with a record number of new customers. This reinforced our belief that it’s critical not only to focus the AppSec team on what really matters, but also to simplify the process of fixing the issues found,” said Yossi Pik, co-founder and CTO of Backslash Security. “To address this need, we developed new remediation capabilities that ensure vulnerabilities are identified, prioritized, and fixed promptly, closing the loop with tailored, context-rich recommendations. It’s like having an insider provide fix suggestions, streamlining the process for security and development teams.”

These new capabilities align with CISA’s Secure by Design Pledge(link is external) requirements, providing organizations with a robust framework for maintaining security throughout the software development lifecycle. Backslash simplifies security integration into the development process, ensuring vulnerabilities are caught early and thus reducing entire classes of vulnerabilities.

Start a free trial with full access to the Backslash platform via a pre-configured demo environment that includes SAST, SCA, phantom packages, VEX, SBOM, secrets, and more.