Abstract

LAZARUS is a three-year research and innovation project that aims to heal many of the security issues that befall modern software during its development lifecycle. The recently introduced area of DevSecOps - in medium to large companies - unfortunately lacks automated security tools, while most existing solutions are targeting only one narrow step of the SDLC process but miss a much needed holistic overview of the global security solution. LAZARUS innovates by intervening in multiple steps of the SDLC, performing targeted security checks and collecting valuable information and intelligence from each step, and exploiting advanced ML and AI methods to convert this intelligence into actionable insights and recommendations. The main innovations of LAZARUS are illustrated in the figure below. Moreover, we provide advanced features for developers, that employing our tools would be able to deploy more intelligent and distributed solutions through dedicated APIs. LAZARUS follows an open-source approach for the core functionality, which is supported by a realistic and viable business model for the sustainability and further exploitation of the project after it reaches the end of this financing phase. To validate the efficacy of the project outcomes we have secured two exciting real- world, diverse, pilots in two very different and demanding sectors.