Kusari Makes Merges Secure & Simple with Clear Go/No-Go Guidance, Step-by-Step Fixes
Kusari, a leading innovator in software supply chain security, unveiled Kusari Inspector, an artificial intelligence (AI)-based pull request security tool that brings cutting-edge security risk analysis directly into developers’ daily workflows.
In Kusari Inspector, Kusari has brought together a powerful combination of industry standards, AI, and dependency graph analysis, to help organizations detect software supply chain risks early during the pull request process, and address them before code integration. The tool finds security weaknesses and supply chain risks in order to maintain secure development throughout every stage.
Cyber Technology Insights : Oracle Unveils Defense Ecosystem to Transform National Security Innovation
“Kusari Inspector puts robust security insights right where developers need them: in their pull requests. The recommendations come from Kusari’s analysis of the full dependency graph, including security practices and code provenance, so the result is always actionable — there’s no worry about ‘AI slop.’ By catching vulnerabilities and risky dependencies early, teams can move faster and ship more secure code,” said Tim Miller, CEO and Co-Founder at Kusari.
In addition to core supply chain analysis, Kusari Inspector introduces advanced safeguards and interactive features to further empower developer security.
Key Features & Benefits
- Pull Request Inspection & Analysis: Receive instant, context-rich, annotated security reports with inline explanations on every new or updated pull request, saving time and reducing back-and-forth with security teams.
- Safe to Merge: Clear go/no-go guidance, remediation suggestions, and step-by-step instructions to mitigate risks. Flags exposed credentials, sensitive secrets, workflow misconfigurations; blocks typosquatted or maliciously named dependencies and prohibited licenses; enforces rules and policies across the organization.
Cyber Technology Insights : Keeper Security to Pursue FedRAMP High Authorization and Impact Level 5 Classification
- Prioritized Risk Assessments & Reduced Alert Noise: Identify and rank risky, low-trust, or vulnerable dependencies—direct and transitive—based on industry trusted data sources (CVSS, EPSS, Known Exploited Vulnerabilities) early in development and reduce noise by accounting for unexploitable vulnerabilities.
- Adaptive AI Model with Interactive Guidance: Delivers precisesafe to merge guidance through deep code analysis, continuously learning from your codebase and preferences. Developers can chat with AI to clarify findings, customize recommendations, and set security standards.
- Automated SBOM Generation: Automatically generate and collect source SBOM data for all connected projects and repositories.
“Installing Kusari Inspector in your code repository takes just a few minutes, and then your vulnerabilities, risks, and license issues are immediately detected and flagged within your pull requests. This empowers developers to address security concerns early—eliminating the need for lengthy and iterative security reviews. With Kusari Inspector, a simple three-minute fix can prevent weeks of delay and frustration, allowing developers to stay focused on building great software,” shared Michael Lieberman, CTO and Co-Founder at Kusari.
Cyber Technology Insights : WireX Systems and Brown & Brown Partner to Enhance Cyber Risk Management and Insurance Outcomes
To participate in our interviews, please write to our CyberTech Media Room at sudipto@intentamplify.com
Source: businesswire
