The integration of machine learning into software development is revolutionizing the field, automating tasks and generating complex code snippets at an unprecedented scale. However, this powerful paradigm shift also presents significant challenges including the risk of introducing security flaws into the codebase. This issue is explored in depth in the paper Do Users Write More Insecure Code with AI Assistants? by Neil Perry, Megha Srivastava, Deepak Kumar, and Dan Boneh.

Did you know that Bearer offers the ability to automatically compile the privacy information Legal teams need from Security and Engineering teams?

When we started to build Bearer, we wanted to understand how to validate the quality of our findings and be able to benchmark it. Code security scanning solutions are notorious for reporting a lot of false positives and other deficiencies, and even though we believed we could do much better, we needed a way to prove it. In Java, there is an OWASP project, BenchmarkJava, which makes it easy to compare the output of two software security solutions.

Previously, we talked about the first phase of our battle testing process. If you haven’t already, give it a read for background on this article. After Bearer CLI proved itself solid against a variety of real-world projects, it was time to take things to the next level and compare the quality of results over time, and against the results of other static application security testing (SAST) tools.

Since we announced version 1.3 of Bearer CLI in early April, the team has been working relentlessly to make major movements and ship amazing new features. Before you read it all, we advise you to update to the latest version in the background 🙂, that way you can start exploring all right after finishing this article!

Applications are usually considered battle tested if they've been around a while and work as expected in most known situations. In software, we want the binary releases we make to have this level of confidence. The problem is, when you’re building something new how can you make up for the time and active user advantage of established software? In this article we’ll look at the early stage of our battle-testing process and how it influenced our future testing.

Bearer is extremely proud to announce the formation of the Bearer Board of Advisors, a group of some of the world’s most respected cybersecurity professionals, including several industry-leading CISOs and CTOs. All of our advisors have made major impacts in cybersecurity for their companies, and for the industry at large.

Today, we're pleased to announce a new approach to help teams manage application code security at scale supercharged with deep sensitive data context, and ship trustworthy products faster.

Bearer CLI's CI/CD integration with GitLab is a great way to add security scanning to your projects. We've taken things a step further and now support GitLab's SAST security scanner integration directly in GitLab CI for GitLab Ultimate users. This feature is available in Bearer CLI v1.9.0 and later. See our upgrade guide for your platform. Let’s dive into how it works.

As part of Bearer CLI v1.9.0 release, we're thrilled to offer improved code scanning integration with GitHub for our open-source security scan. In this article, we'll briefly go over the format that makes this possible, how it works, and how you can start using it today.