MuseDev Launches Muse Code Analysis Platform
August 03, 2020

MuseDev launched on Github Marketplace the Early Access version of its code analysis platform, Muse, to help developers find and fix critical security, performance, and reliability bugs, efficiently, before they reach QA or production.

Muse makes Continuous Assurance easy to implement, saving time and money, and yielding better code.

Research shows that bugs are 10x more expensive to fix in production than in the development process, while finding errors during code review dramatically reduces these costs and yields higher fix rates. By incorporating code analysis earlier in the process, Muse brings Continuous Assurance to development teams, helping them achieve high security and quality standards without ever interrupting their flow.

"The Security/QA stage is often the last part of the development process to go agile. When security tools exist outside the development workflow, every bug they find slows down development by making developers revisit older code." said Stephen Magill, CEO and co-founder of MuseDev. " We wanted to make it easy to set up a process that delivers a high level of assurance without getting in the way. And that's what we've delivered with Muse."

- Muse finds the most elusive bugs and delivers curated, actionable results. Built for DevOps, Muse integrates seamlessly into the modern development practice with a workflow designed to make it easy for Security and Developer Teams to find and fix errors quickly and collaboratively. MuseBot, the key efficiency driver, automatically analyzes each pull request and delivers bug reports in Github as code review comments, allowing developers to use their current tools and code review processes to handle static analysis results.

- Muse' s advanced analyses are configured for low noise. Code analysis is most effective when a broad range of analyzers are implemented. But tools commonly generate too many false positives and this risk increases as more tools are added. Muse includes a broad set of robust tools that are customized and configured out-of-the-box for low noise Included in our default tool set are the first commercially-supported versions of three powerful tools built by Google and Facebook (ErrorProne, Infer, and Pyre).

- Muse's open platform supports a range of teams. Running on an open API, Muse is fully customizable and can meet the needs of large scale enterprises down to smaller, leaner teams. Muse serves as a central point of integration for automated code scanning, allowing security, development, and QA teams to all add tools that satisfy each of their requirements.

- Muse makes implementation easy. Because code analysis is new to many software organizations, MuseDev is offering program analysis professional services to help enterprises develop and deploy broadbased code analysis that addresses the needs of developers, security, QA engineers, and compliance/audit teams. These services will enable companies to develop and maintain consistent but customizable code analysis across their organizations.

Gene Kim, Wall Street Journal bestselling author, researcher, and multiple award-winning CTO adds: "MuseDev is bringing the incredible developer productivity, security tools, and practices from Google and Facebook and making them accessible to the rest of the world, bringing substantial productivity gains to every organization."

The Muse Early Access launch includes MusePro features, free, for a limited time.

Muse is available as a GitHub app and will always be free for open source projects and other public GitHub repositories. During the Early Access period, analysis of private repos is also available at no cost. Muse's self-hosted Enterprise version (available for Github, Bitbucket, and Gitlab) continues in private beta and will be generally available at the end of the year.

Share this

Industry News

November 24, 2020

Red Hat announced new capabilities and features for Red Hat OpenShift, the company's enterprise Kubernetes platform.

November 24, 2020

Sectigo released Chef, Jenkins, JetStack Cert-Manager, Puppet, and SaltStack integrations for its certificate management platform.

November 24, 2020

DataStax released K8ssandra, an open-source distribution of Apache Cassandra on Kubernetes.

November 23, 2020

Spectro Cloud has released a new, self-hosted version of its flagship product, Spectro Cloud.

November 23, 2020

GitLab completed integration of Peach Tech, a security software firm specializing in protocol fuzz testing and dynamic application security testing (DAST) API testing, and Fuzzit, a continuous fuzz testing solution providing coverage-guided testing.

November 23, 2020

Fugue announced the availability of its SaaS product in AWS Marketplace, further simplifying the process for Amazon Web Services customers to use Fugue to bring their environments into compliance quickly, demonstrate compliance at any time, and Shift Left on cloud security.

November 19, 2020

Rollbar announced AI-assisted workflows powered by its new automation-grade grouping engine.

November 19, 2020

Buildkite expanded its integration with GitHub and introduced a new onboarding experience.

November 19, 2020

Rancher Labs launched a new Partner Program for the OEM and embedded community.

November 18, 2020

Puppet announced its evolution to an integrated automation platform to enable key business initiatives such as scaling DevOps, risk reduction, policy as code, and evolving cloud strategies.

November 18, 2020

Adaptavist has joined the GitLab partner program as a Select partner.

November 18, 2020

Postman launched the beta version of public workspaces, a hub that makes it possible for both API producers and consumers to seamlessly communicate and collaborate in real time without team or organizational boundaries.

November 17, 2020

Red Hat introduced new capabilities for Red Hat Enterprise Linux and Red Hat OpenShift intended to help enterprises bring edge computing into hybrid cloud deployments.

November 17, 2020

Humio announced the availability of the Humio Operator.

November 17, 2020

Accurics announced that Terrascan, the open source static code analyzer that enables developers to build secure infrastructure as code (IaC), has been extended to support Helm and Kustomize.