Jaden Shafer
I think under the hood, the system is going to use this multi-agent architecture, which is important, right?
It's not just one agent.
They have multiple agents running through this.
A couple of the AI agents are going to analyze the code base in parallel.
So it's not just like, you know, you run this thing once and you've got to wait for it to go finish.
Like there's multiple agents running through different parts of this.
At the same time, they're going to be examining pull requests from different perspectives.
Then there's going to be a final agent that aggregates the findings.
It's going to remove any duplicates, right?
Because, like, if two agents are running through and they both see a security finding and maybe it's, you know, kind of related to two different sections and they both report it, there's going to be one agent that just kind of, um, you know, merges those two together. It's going to remove the duplicates, and then it's going to rank the most important issues.
The tool is also performing kind of a light security analysis. I think they're, they intentionally want to say, you know, "Look, guys, this is a quote-unquote light security analysis." They don't want people to get overly confident that this is going to, like, fix all security that could ever happen from this AI-generated code.
But yeah, I think it is important that we're starting to have this conversation because this is something that absolutely is an issue in the industry.
Engineering teams are then going to be able to customize any sort of additional checks based on their own internal standards, which is cool, right?
It's beyond just like, hey, we built a tool that can do this for you.
It's like, well, do you guys have anything that you frequently need to check inside of your code or inside of your industry?
You can go add those to it.
And then I think for deeper security reviews, Anthropic also has a separate product called Claude Code Security that can go even deeper on all of that.
I think because the system is running multiple agents simultaneously, cloud review can be basically pretty computationally intensive.
It's going to use a lot.