Black Duck Enhances AI-Powered Security Assistant with Real-Time Code Scanning and Fixes

Black Duck Software, Inc. has unveiled significant enhancements to its AI-powered application security assistant, Black Duck Assist, now integrated into the Code Sight IDE plugin. This development marks a pivotal step in securing AI-generated code by offering automated security scanning and fixes within developers' environments. The integration aims to bridge the gap between coding efficiency and security, a challenge highlighted by Gartner's insights on generative AI's impact on software engineering.

The upgraded Black Duck Assist features real-time scanning of code as it is written or generated by AI coding assistants, identifying vulnerabilities and potential intellectual property violations early in the development process. This proactive approach allows developers to address security issues without leaving their development environment, significantly reducing the time and effort required to ensure code security and compliance.

Furthermore, Black Duck Assist now provides AI-generated summaries of vulnerabilities, detailed code analysis, and suggestions for fixes, all accessible within the IDE. This functionality is designed to empower developers to produce secure and compliant code more efficiently, without the need to switch between tools or consult security experts. The plugin's compatibility has been extended to include AI code editors like Cursor and Windsurf, alongside traditional IDEs such as Eclipse, IntelliJ, and Visual Studio, facilitating the safe use of code generated by AI assistants like GitHub CoPilot and Claude Code.

Another notable enhancement is the support for natural language queries within the IDE and the Polaris platform, enabling users to easily retrieve project statistics, testing results, and trends, as well as find answers to product-related questions. These advancements reflect Black Duck's commitment to leveraging AI to improve product offerings and support customers in adopting AI-augmented development securely.

Dipto Chakravarty, Chief Product and Technology Officer at Black Duck, emphasized the company's focus on integrating security directly into the developer workflow to enable faster and more efficient software development. The enhancements to Black Duck Assist are set to be showcased at the Black Hat Conference in Las Vegas on August 6-7, 2025, offering a glimpse into the future of secure, AI-powered development tools.

For more information on Black Duck Assist and its capabilities, interested parties can explore the company's official website or view the dedicated Black Duck Assist video.