Veracode, a global leader in application risk management, announced today that it has been granted a U.S. patent (US12229040B2) for Veracode Fix, its innovative generative AI-powered security tool designed to remediate vulnerabilities across software development environments. This milestone highlights Veracode’s leadership in combining AI with software security to empower developers and enterprises to mitigate risk at scale. Launched in April 2023, Veracode Fix was the first solution of its kind to blend generative AI and human-curated security expertise, delivering automated fix recommendations across 11 programming languages—and now, its innovation has been officially recognized with a patent.
“The Veracode Fix patent demonstrates our unwavering commitment to customers by offering innovative security solutions that help organizations manage and remediate application risk at scale,” said Tim Jarrett, Group Vice President of Product Management at Veracode.
A Generative AI Breakthrough in Application Security
Veracode Fix automates the once-manual process of code remediation, empowering development teams to rapidly resolve vulnerabilities and accelerate secure software delivery.
Capabilities:
- AI-Powered Remediation: Automatically suggests fixes for security vulnerabilities using LLM technology.
- Multi-Language Support: Available across 11 programming languages in all integrated development environments (IDEs).
- Proactive Security: Reduces an organization’s attack surface before code reaches production.
- Development Speed: Accelerates vulnerability resolution cycles—up to 16x more vulnerabilities remediated at 3x the speed, according to customer feedback.
Customer Impact: Security at Speed and Scale
A leading global financial services organization shared their experience:
“Veracode Fix has empowered our development staff to naturally incorporate security practices into daily workflows. We’ve addressed 16x the vulnerabilities at triple the speed—significantly reducing our risk.”
By shifting security left and embedding generative AI into the developer toolchain, Veracode Fix allows teams to innovate confidently while staying compliant and secure.
Built on Secure Foundations: Proprietary, Supervised AI
Unlike generative AI tools trained on open-source code with questionable quality, Veracode Fix is trained using supervised learning on Veracode’s proprietary, verified knowledge base—ensuring both the accuracy and security of the fixes it suggests.
This strategic training methodology delivers:
- High-fidelity remediation tailored to real-world secure coding practices
- Avoidance of insecure code patterns common in open repositories
- Confidence in compliance with regulatory and industry standards
A Patent That Signals the Future of Secure DevOps
With the newly awarded U.S. patent, Veracode Fix stands as a landmark in the evolution of secure software development. It proves that generative AI—when applied thoughtfully and securely—can dramatically improve both development velocity and software resilience.
As cyber threats grow in complexity, innovations like Veracode Fix represent a crucial advance in helping organizations scale secure-by-design practices across their software lifecycles.
