Skip to main content

Undo Enables AI Agents to Diagnose Root Cause of Application Issues

Undo today revealed that its platform for recording interactions within applications can now be accessed by artificial intelligence (AI) agents via a Model Context Protocol (MCP) server.

Company CEO Greg Law said this Undo AI capability makes it simpler for any agent to discover the root cause of any issue that otherwise would have required weeks or months to discover.

That capability is now more critical than ever at a time when AI tools are generating massive amounts of code that is overwhelming the ability of humans to actually review, he added.

The Undo platform records the complete execution of a program, including every instruction, variable, thread event and system call. That approach captures causality in a way that is deeper than what can be diagnosed solely by relying on log analytics and traces, said Law.

An AI agent can then query the recording in the same way they reason about static code to determine exactly how an application functions, he added. Armed with those insights, it becomes possible for AI agents to find the root cause of even intermittent failures and state-dependent bugs that are hidden in complex, multithreaded, multi-process systems, noted Law.

As a result, failing tests are resolved faster, which enables application development teams to spend more time on tasks that add more value to the business. DevOps teams can also track down the source of bad data flowing through systems with many interacting processes.

In the AI era, application developers are spending much more time reviewing code than actually writing it. The challenge they encounter, however, is that if they did not write the code in the first place, they often lack the context needed to effectively troubleshoot it. By giving an AI agent access to a platform that records how an application functions, it then becomes feasible to use an AI agent to review code.

Mitch Ashley, vice president and practice lead for software lifecycle engineering at The Futurum Group, said the debugging bottleneck now sits in a runtime state that source code and logs cannot show. Agents reason about static code far better than runtime behavior, so the ceiling on autonomous diagnosis is access to ground-truth execution that the model cannot infer alone, he added.

Teams overwhelmed by AI-generated code cannot clear the review backlog by adding agents, noted Ashley. Without deterministic runtime evidence, the reviewing agent inherits the guessing it was meant to remove, he added. That evidence layer is the precondition for delegating verification to agents at scale, said Ashley.

Each application development team will need to decide if they want an AI agent that is embedded in the AI tool used to create code to review code, or rely on a different third-party AI agent to validate the code created by that tool. Regardless of approach, the only way to effectively review code at scale will be to rely more on AI agents to also review it.

The amount of pressure that will be applied to review code more deeply is only going to increase in the months ahead as organizations come to terms with the ability of advanced AI models to discover vulnerabilities and weaknesses in applications in a matter of minutes. Left unresolved, those same issues will be discovered by cybercriminals who will use the same AI platforms to reverse engineer an exploit in a matter of hours. Like it or not, DevOps teams are now required to discover and resolve a lot more issues long before any of their code ever finds its way into a production environment.



from DevOps.com https://ift.tt/an71CJF

Comments

Popular posts from this blog

Shift Left to the Developer’s Machine: Building Local Git Security Gates 

A developer pushes one file. It contains an AWS access key left in a configuration block. Five minutes later, CI catches it. By then, the secret is in the remote repository, cached by mirrors and potentially forked. The developer rotates the key, scrubs the commit history and spends the rest of the afternoon on incident response. The real question isn’t how to clean up faster — it’s why the secret left the developer’s machine in the first place.   The Five-Minute Gap   Most engineering teams have invested in CI-based secret scanning . Tools such as GitHub Advanced Security, GitGuardian and TruffleHog’s CI integration catch leaked credentials in pull requests and pushed branches. This is good, but it’s also too late.   The GitGuardian 2026 State of Secrets Sprawl report found that 29 million secrets were detected on GitHub in 2025 alone — a 34% year-over-year increase and the largest single-year jump ever recorded. Worse, 64% of secrets leaked back in 202...

Building a Security Feedback Process for DevOps

The last few years have seen some major slip-ups in the security space among all major cloud providers, resulting in uncertainty and speculation. That’s understanding; cloud security is an extremely complicated subject as enterprises build and deploy applications faster than ever before to keep up with business requirements. Most of the security issues that occur […] The post Building a Security Feedback Process for DevOps appeared first on DevOps.com . from DevOps.com http://bit.ly/2L1DS7t