The rising adoption of AI coding assistants has underscored a critical need for application security solutions that can keep pace with development speed. Black Duck Signal aims to bridge this gap by integrating sophisticated agentic AI capabilities into the software development lifecycle.
Sixty-six per cent of respondents to a Gitlab survey acknowledged using AI today in software development lifecycle. The more interesting insight is 98% expect to use AI in the years ahead. Among respondents to the same Gitlab study, 84% agree "Agentic Al would allow me to focus on doing the job I was hired to do by handling all the side tasks that pile up (e.g., administrative work, meeting prep, etc.)."
By autonomously detecting and remediating vulnerabilities across source code, binaries, and supply chain components, Signal allows security teams and developers to focus on their core objectives without compromising the integrity of their applications.
Signal leverages Black Duck's extensive experience in software security, drawing on two decades of data and insights from the Black Duck KnowledgeBase. This repository ensures that the security findings produced are accurate and context-aware, substantially reducing the noise generated by less sophisticated AI tools.
As a result, teams can prioritise remediation efforts effectively, addressing the most pressing vulnerabilities in real time.
Jason Schmitt, CEO of Black Duck, expressed the importance of this launch within the context of modern software development practices. He remarked, “AI is revolutionising how software is built—and with Signal, Black Duck is redefining how you secure it.”
This emphasis on synergy between development speed and security capability is crucial, especially as organisations face increasing pressures from both market demands and evolving cyber threats.
Key features of Black Duck Signal include real-time analysis of code changes, integration with popular AI coding assistants such as Google Gemini and GitHub Copilot, and automated remediation processes. These capabilities are tailored to both modern and legacy programming languages, providing comprehensive coverage across a diverse technological landscape.
Black Duck Signal is now available to existing customers and design partners. The company indicated that broader access is anticipated in early 2026.
In an era where vulnerabilities can emerge from various sources, the introduction of Black Duck Signal signifies a substantial step forward in the mission to secure business-critical applications efficiently. For further insights on how AI is reshaping the landscape of application security, visit FutureCISO.
