Posted On: Jun 13, 2023
Today, AWS announces the preview release of Amazon CodeGuru Security, a static application security testing (SAST) tool that uses Machine Learning to help you identify code vulnerabilities and provide guidance you can use as part of remediation. CodeGuru Security also provides in-context code patches for certain classes of vulnerabilities, helping you reduce the effort required to fix code vulnerabilities.
By performing deep semantic analysis of your application code, CodeGuru Security detects vulnerabilities with a low false positive rate, enabling your engineering and security teams to be more efficient while triaging findings. CodeGuru Security flags a wide range of issues such as log injection, hardcoded credentials, and resource leaks, and is designed to integrate at different stages of the development workflow (code repository, CI/CD pipeline, container registry, etc.).