x

Qodo Raises $40M to Enhance AI-Driven Code Integrity and Developer Efficiency

New Post has been published on https://thedigitalinsider.com/qodo-raises-40m-to-enhance-ai-driven-code-integrity-and-developer-efficiency/

Qodo Raises $40M to Enhance AI-Driven Code Integrity and Developer Efficiency

In a significant step forward for AI-driven software development, Qodo (formerly CodiumAI) recently secured $40 million in a Series A funding round led by Susa Ventures and Square Peg, with additional contributions from Firestreak Ventures and ICON Continuity Fund. The investment boosts the company’s total funding to $50 million and marks a pivotal moment for Qodo as it continues to transform the software development landscape by focusing on AI-enhanced code quality and efficiency.

AI-Driven Code Generation with a Focus on Quality

Qodo has gained significant traction by addressing one of the key concerns in AI-assisted software development: code integrity. As more code is being generated by AI, the risk of introducing bugs or errors has increased. Qodo’s platform is designed to counter these challenges by focusing on a quality-first approach. It enables developers to not only generate code but also test, review, and document it in a streamlined manner, enhancing code reliability and reducing the chance of bugs or failures.

The platform integrates seamlessly into popular integrated development environments (IDEs) like Visual Studio and JetBrains, and it supports a wide range of git platforms, including GitHub, GitLab, and BitBucket. Its advanced features include context-aware code suggestions, test generation, and a pull request assistant that flags potential issues, allowing developers to confidently accelerate their workflows.

Qodo’s innovative approach has already been embraced by more than 1 million developers globally. Notable clients include Fortune 100 companies, such as Intel and MercadoLibre, which have incorporated Qodo’s platform to enhance their development pipelines.

Unparalleled Developer Support and Enterprise Adoption

The platform has already garnered over 700,000 installs and boasts strong reviews from developers and tech leaders. Qodo’s toolset supports a wide range of programming languages, including Python, JavaScript, TypeScript, Java, C++, and Go, making it versatile enough for diverse enterprise environments. Moreover, its enterprise solution, launched earlier this year, provides organizations with advanced code analysis and best practices databases, allowing for highly customized and context-specific code generation.

One of the standout features of Qodo’s platform is its use of Retrieval Augmented Generation (RAG) technology, which allows the system to generate code that aligns with the specific best practices of each organization. This level of customization is key for enterprises managing large and complex codebases. The platform’s ability to iteratively test and fix code through automated processes ensures robust code quality, ultimately reducing downtime and enhancing developer productivity.

In fact, Qodo has reported a 25% time savings for development tasks, with the platform catching an average of five bugs per developer each month. Additionally, over 90% of developers using the platform have successfully completed all assigned tasks, showcasing the efficiency and reliability of the tool.

Enterprise Growth and Market Recognition

Qodo’s rapid growth is evident in its enterprise adoption. Since launching its enterprise offering in March 2024, the company has exceeded $1 million in annual recurring revenue (ARR) within just three months. The solution’s advanced features and focus on code integrity have made it a valuable asset for organizations that prioritize robust, error-free code.

Industry recognition has also followed. In 2024, Gartner named Qodo a Cool Vendor in AI-Augmented Development and Testing for Software Engineering. Additionally, Qodo was selected for AWS’s Generative AI Accelerator, further cementing its status as a leader in AI-driven code development.

A Vision for the Future of AI-Powered Software Development

Qodo’s success lies in its commitment to combining artificial intelligence with human expertise. As CEO and co-founder Itamar Friedman explained, “Success won’t come from rushing to automate everything. Instead, we need to carefully integrate AI tools to enhance human expertise, focusing on quality and adaptability rather than just speed.” This philosophy underpins the company’s focus on generating code with integrity, ensuring that AI-driven development is reliable, safe, and aligned with organizational standards.

The increasing role of AI agents in software creation necessitates a balance between automation and human oversight. Qodo’s quality-first approach ensures that AI-generated code is reliable and secure, addressing concerns about potential bugs and system vulnerabilities. This focus on code integrity is critical as enterprises continue to adopt AI-driven development practices.

Looking Ahead

With a strong user base, enterprise adoption, and significant financial backing, Qodo is well-positioned to drive the future of AI-assisted software development. The company’s platform continues to evolve, offering developers and enterprises alike the tools they need to build, test, and deploy high-quality code faster and more confidently.

As the software development industry continues to embrace AI, Qodo’s commitment to quality and efficiency is set to become an essential part of the evolving tech landscape. By enabling developers to move quickly without sacrificing reliability, Qodo is not just changing how code is written—it’s shaping the future of software development.

Welcome.

Welcome to my Tumblr blog!

I'm interested in exploring my thought-cloud ☁️ about computing here.

I'm also interested in hearing your thoughts about distributed application development, content delivery networks, edge computing, and cloud computing.

I live in Vermont, not far from where I grew up.

The Vampire Aesthetic

Ok so Danny knows two billionaires personally and they really couldn’t be more different. Yet they had one thing in common. A vampire aesthetic. Sam is fully into goth. Spiderwebs, bats, the color black. She enjoys fangs and fake blood and the darkness of her soul. Meanwhile, Vlad is Vlad. If his name wasn’t enough, the dark clothing, pale skin, and flying around with a cape and fangs with coffins in his mansion really sells it.

Danny doesn’t know many rich people so he thinks this might be some kind of trend. (If Paulina is rich, her family likes the chupacabra) So he just thinks that all rich people have some kind of vampire thing going on.

Cue Danny somehow ending in the Wayne household. Maybe he was brought over as a friend of one of the bats, maybe rescued from a field trip/vacation gone wrong, maybe some other situation. But he is there in civilian form with civilian Waynes and Danny just takes a good long look around the inside of the mansion.

“So where’s the vampire aesthetic?

Everyone freezes.

Danny just starts looking around, checking behind paintings and feeling the walls for secret levers. Used to secret passages with Vlad and possibly Sam. The Fentons definitely had them when they were temporarily rich.

“Come on, I know you guys are hiding it.”

Cue the entire batfamily thinking that this is another Tim and that he is fully aware that these people are the batfamily. Danny hangs around the mansion more and the bats just start dropping their disguises and not even bothering to hide stuff around Danny because they assume he already knows. (Possibly even trying to recruit him to be a new bat) Meanwhile, Danny, who does not know these people are batman and his birds, just does not pick up on any of it.

He grew up in a health violation with a giant ballon observatory lab above his head and a portal to the afterlife in his basement. He is a half dead teenager who has tea with the god of time and his godfather is the other parent to his clone child. He’s used to death lazers being scattered across his home and mysterious stains on clothing.

People are weird! He doesn’t judge!

Hello there!

so, here's the deal:

I, a burnt out autistic highschooler, want to create an app for therians (as a therian myself).

Here's the basic features:

A database full of information on as many animals as possible (that can and will be updated!)

Blank templates for otherkins!

Each user has a profile- public or private- and can add theriotypes and notes about those theriotypes!

A journal feature where you can add pictures, drawings, and notes to a digital journal, similar to a glorified notes app lol- and you can make certain parts of your journal public or private!

Packs!

What are packs?

Have some word soup as an explanation: Basically if you want to create a pack to either make friends or add your friends, you can submit a pack request, where you explain why you want to make a pack and if you have specific people in mind to join, and I'm thinking that I don't want it to be like everyone has their own pack or whatever so that's why it has to be approved and stuff like I don't want too many different packs. Basically it's like a discord server or an amino thingy it's a big group chat and the pack creators can set up virtual events and send out pings like "hey! Join this zoom call if you wanna do some arts and crafts!!" Or smth like that

It's a database and a community!! If you would like to help out, please please please send an ask!! I would love all the support I can get!

P.S.

BE NICE AND DRINK WATER

I'm already about 110% in love with these rough draft character sprites....

these are all unshaded, and will probably be continued to be edited, but I just wanted to share to get feedback! both garak and quark have alternate outfits as well ^^

Help! I'm a Perfect Genius, but This Potential Employer Asked Me a Boring Interview Question!

Ask A Manager, 13 Feb 2024:

I was rejected from a role for not answering an interview question. I had all the skills they asked for, and the recruiter and hiring manager loved me. I had a final round of interviews — a peer on the hiring team, a peer from another team that I would work closely with, the director of both teams (so my would-be grandboss, which I thought was weird), and then finally a technical test with the hiring manager I had already spoken to. (I don’t know if it matters but I’m male and everyone I interviewed with was female.) The interviews went great, except the grandboss. I asked why she was interviewing me since it was a technical position and she was clearly some kind of middle manager. She told me she had a technical background (although she had been in management 10 years so it’s not like her experience was even relevant), but that she was interviewing for things like communication, ability to prioritize, and soft skills. I still thought it was weird to interview with my boss’s boss. She asked pretty standard (and boring) questions, which I aced. But then she asked me to tell her about the biggest mistake I’ve made in my career and how I handled it. I told her I’m a professional and I don’t make mistakes, and she argued with me! She said everyone makes mistakes, but what matters is how you handle them and prevent the same mistake from happening in the future. I told her maybe she made mistakes as a developer but since I actually went to school for it, I didn’t have that problem. She seemed fine with it and we moved on with the interview. A couple days later, the recruiter emailed me to say they had decided to go with someone else. I asked for feedback on why I wasn’t chosen and she said there were other candidates who were stronger. I wrote back and asked if the grandboss had been the reason I didn’t get the job, and she just told me again that the hiring panel made the decision to hire someone else. I looked the grandboss up on LinkedIn after the rejection and she was a developer at two industry leaders and then an executive at a third. She was also connected to a number of well-known C-level people in our city and industry. I’m thinking of mailing her on LinkedIn to explain why her question was wrong and asking if she’ll consider me for future positions at her company but my wife says it’s a bad idea. What do you think about me mailing her to try to explain?

Sir,

You have been wronged in the most grievous of ways by a coven of retaliatory, self-aggrandizing women who have failed in the extreme to recognize your brilliance, your talent, and above all, your general superiority.

Of course you should mail this mediocre "grandboss" on LinkedIn to inform her of the deep offense she caused you by interviewing you in the first place, let alone doing so using a boring question — indeed, you have a moral and professional obligation to do so in order to preserve your honor and the honor of scores of men like you who have never done a single solitary thing wrong in their lives, ever.

But I beg you to consider doing more. A single, private message to one incompetent bitch may not convey to the necessary parties the depth and breadth of the situation. Many, many people have important lessons to learn from your experience, and I encourage you to share it widely. Consider making a public LinkedIn post, and ensure that it is shareable across platforms. Depending on your financial resources, a billboard with your name, professional headshot, and contact information could go a long way toward ensuring that everyone in your industry who needs to know just how you handled the way these women treated you, does know about it. I hope that in your continuing job search, you are able to connect with potential employers who have a much better grasp of all you bring to the table.

until i started rooting around in the world data with dfhack i didn't realize that dwarf fortress randomly generates dance forms for each civilization and they can spread via trade and contact. you cannot really engage with this system at all in fortress mode, and adventure mode is still in beta, so this is hilarious to me. it's like the procedurally generated musical instruments. the things that tarn adams chooses to simulate in excruciating detail are really random.

and yet each species still has only one language, the name generation system is patently ridiculous, and the topography is pure perlin noise. this is why dwarf fortress will always have a charm its imitators can never match. it's just completely idiosyncratic in terms of its concerns and aesthetic.

✌️✌️.

Confronting the Security Risks of Copilots

New Post has been published on https://thedigitalinsider.com/confronting-the-security-risks-of-copilots/

Confronting the Security Risks of Copilots

More and more, enterprises are using copilots and low-code platforms to enable employees – even those with little or no technical expertise – to make powerful copilots and business apps, as well as to process vast amounts of data. A new report by Zenity, The State of Enterprise Copilots and Low-Code Development in 2024, found that, on average, enterprises have about 80,000 apps and copilots that were created outside the standard software development lifecycle (SDLC).

This development offers new opportunities but new risks, as well. Among these 80,000 apps and copilots are roughly 50,000 vulnerabilities. The report noted that these apps and copilots are evolving at breakneck speed. Consequently, they are creating a massive number of vulnerabilities.

Risks of enterprise copilots and apps

Typically, software developers build apps carefully along a defined SDLC (secure development lifecycle) where every app is constantly designed, deployed, measured and analyzed. But today, these guardrails no longer exist. People with no development experience can now build and use high-powered copilots and business apps within Power Platform, Microsoft Copilot, OpenAI, ServiceNow, Salesforce, UiPath, Zapier and others. These apps help with business operations as they transfer, and store sensitive data. Growth in this area has been significant; the report found 39% year-over-year growth in the adoption of low-code development and copilots.

As a result of this bypassing of the SDLC, vulnerabilities are pervasive. Many enterprises enthusiastically embrace these capabilities without fully appreciating the fact that they need to grasp how many copilots and apps are being created – and their business context, too. For instance, they need to understand who the apps and copilots are meant for, which data the app interacts with and what their business purposes are. They also need to know who is developing them. Since they often don’t, and since the standard development practices are bypassed, this creates a new form of shadow IT.

This puts security teams in the difficult position with a lot of copilots, apps, automations and reports that are being built outside of their knowledge by business users in various LoBs. The report found that all of the OWASP (Open Web Application Security Project) Top 10 risk categories are ubiquitous throughout enterprises. On average, an enterprise has 49,438 vulnerabilities. This translates to 62% of the copilots and apps built via low-code containing a security vulnerability of some kind.

Understanding the different types of risks

Copilots present such significant potential threat because they use credentials, have access to sensitive data and possess an intrinsic curiosity that make them difficult to contain. In fact, 63% of copilots built with low-code platforms were overshared with others – and many of them accept unauthenticated chat. This enables a substantial risk for possible prompt injection attacks.

Because of how copilots operate and how AI operates in general, stringent safety measures must be enforced to prevent the sharing of end user interactions with copilots, sharing apps with too many or the wrong people, the unneeded granting of access to sensitive data via AI, and so on. If these measures are not in place, enterprises risk increased exposure to data leakage and malicious prompt injection.

Two other significant risks are:

Remote Copilot Execution (RCEs) – These vulnerabilities represent an attack pathway specific to AI applications. This RCE version enables an external attacker to take complete control over Copilot for M365 and force it obey their commands simply by sending one email, calendar invitation or Teams message.

Guest accounts: Using just one guest account and a trial license to a low-code platform – typically available free of charge across multiple tools – an attacker need only log in to the enterprise’s low-code platform or copilot. Once in, the attacker switches to the target directory and then has domain admin-level privileges on the platform. Consequently, attackers seek out these guest accounts, which have led to security breaches. Here’s a data point that should strike fear into enterprise leaders and their security teams: The typical enterprise has more than 8,641 instances of untrusted guest users who have access to apps that are developed via low-code and copilots.

A new security approach is needed

What can security teams do against this ubiquitous, amorphous and critical risk? They need to make certain that they have put controls in place to alert them to any app that has an insecure step in its credential retrieval process or a hard-coded secret. They also must add context to any app being created to make sure that there are appropriate authentication controls for any business-critical apps that also have access to sensitive internal data.

When these tactics have been deployed, the next priority is to make sure appropriate authentication is set up for apps that need access to sensitive data. After that, it’s a best practice to set up credentials so that they can be retrieved securely from a credential or secrets vault, which will guarantee that passwords aren’t sitting in clear or plain text.

Securing your future

 The genie of low-code and copilot development is out of the bottle, so it’s not realistic to try to put it back in. Rather, enterprises need to be aware of the risks and put controls in place that keep their data secure and properly managed. Security teams have faced many challenges in this new era of business-led development, but by adhering to the recommendations noted above, they will be in the best possible position to securely bring the innovation and productivity enterprise copilots and low code development platforms offer toward a bold new future.

(Don't Call Me Super-) Boy meets (Martian) Girl.

M'gann goes on a school exchange program in National City. Saul Erdel (scientist friend of the Martians) accompanies her while meeting with his other scientist friends in town. Luckily for M'gann, not everyone in National City's a stranger.

Essentials You Need to Become a Web Developer

HTML, CSS, and JavaScript Mastery

Text Editor/Integrated Development Environment (IDE): Popular choices include Visual Studio Code, Sublime Text.

Version Control/Git: Platforms like GitHub, GitLab, and Bitbucket allow you to track changes, collaborate with others, and contribute to open-source projects.

Responsive Web Design Skills: Learn CSS frameworks like Bootstrap or Flexbox and master media queries

Understanding of Web Browsers: Familiarize yourself with browser developer tools for debugging and testing your code.

Front-End Frameworks: for example : React, Angular, or Vue.js are powerful tools for building dynamic and interactive web applications.

Back-End Development Skills: Understanding server-side programming languages (e.g., Node.js, Python, Ruby , php) and databases (e.g., MySQL, MongoDB)

Web Hosting and Deployment Knowledge: Platforms like Heroku, Vercel , Netlify, or AWS can help simplify this process.

Basic DevOps and CI/CD Understanding

Soft Skills and Problem-Solving: Effective communication, teamwork, and problem-solving skills

Confidence in Yourself: Confidence is a powerful asset. Believe in your abilities, and don't be afraid to take on challenging projects. The more you trust yourself, the more you'll be able to tackle complex coding tasks and overcome obstacles with determination.

cozy summer afternoons

they love working together