Ad
Short

Anthropic has released a new open source tool on GitHub that automatically checks code for security vulnerabilities. The GitHub action "Claude Code Security Reviewer" uses the Claude AI model to scan pull requests for potential security issues.

According to the project description, the tool can spot security vulnerabilities across different programming languages by understanding the context of the code. It automatically adds comments directly in code discussions, filters out likely false positives, and focuses only on files that have been modified. The tool is available under the MIT license on GitHub.

Short

Microsoft has unveiled Project Ire, an AI system designed to automatically analyze software files and determine whether they contain malware. The system uses reverse engineering tools to inspect program code, builds a chain of evidence, and then decides if a file is dangerous. Project Ire was developed by teams from Microsoft Research, Defender Research, and Discovery & Quantum. In tests, Ire correctly identified 90 percent of malware in Windows drivers while producing very few false positives. In another trial with files that were especially difficult to classify, the system achieved 89 percent precision. Microsoft plans to integrate Project Ire into Microsoft Defender as a "Binary Analyzer," aiming to help security analysts by automating routine threat detection.

Ad
Ad
Ad
Ad
Ad
Ad
Google News