Harness Acquires Qwiet AI to Strengthen AI-Driven Application Security in DevOps
Mike Vizard details how Harness’s acquisition of Qwiet AI brings AI-powered code testing and native security automation to the DevOps platform, enhancing application security for development teams.
Harness Acquires Qwiet AI to Strengthen AI-Driven Application Security in DevOps
Author: Mike Vizard
Harness has announced its acquisition of Qwiet AI—formerly known as ShiftLeft—to bolster application security within its DevOps platform by leveraging artificial intelligence.
Key Points
- Qwiet AI Integration: Harness will integrate Qwiet AI’s AI-powered security tool directly into its platform. Qwiet AI provides AI agents that detect and remediate code vulnerabilities.
- Expansion of DevSecOps Capabilities: With Qwiet AI and Traceable (acquired earlier), Harness extends its security features for API protection, supply chain security, and orchestration of security testing as part of the software development lifecycle (SDLC).
- Technical Advancements:
- Qwiet AI utilizes a Code Property Graph (CPG), merging abstract syntax trees, control flow graphs, and program dependence graphs for a holistic view of code structure.
- The technology enables identification and recommendation of vulnerability fixes at the source code level for developer review.
- AI Automation: Harness has developed its own AI agent for automating security tasks, aiming to minimize manual integration with third-party tools.
Impact on DevOps Workflows
- First-Party Security: By making security a “first-class citizen” in DevOps workflows, Harness seeks to eliminate the need for standalone security tools and streamline security testing within the SDLC.
- AI’s Dual Role: As the adoption of AI coding tools increases, so does the risk of introducing insecure patterns and dependencies in code. Harness’s unified platform aims to both detect these issues early (shift left) and protect running applications (shield right).
Industry Significance
- Rising Importance of DevSecOps: With alert fatigue among developers and the pace of AI advancement, there’s a growing need for integrated, AI-driven DevSecOps solutions that empower development teams to resolve security issues proactively and efficiently.
- Platform Strategy: Harness argues that tightly integrated AI agents offer advantages over fragmented legacy toolchains for organizations pursuing faster and more secure software delivery.
References and Further Reading
- Harness Merges with Traceable to Provide Integrated DevSecOps Platform
- Harness Extends Scope and Reach of AI Platform for Automating DevOps Workflows
This article highlights how Harness’s acquisition of Qwiet AI marks a significant step in automating and embedding application security directly within the DevOps process, leveraging advanced AI-driven code analysis and security automation.
This post appeared first on “DevOps Blog”. Read the entire article here