Applications have vulnerabilities. A lot of them. And there’s not enough time to fix all of them. In Checkmarx’ recently released Future of Application Security report, 29% of AppSec managers reported that they knowingly released vulnerable applications in order to meet a deadline and 27% reported that the vulnerabilities could be fixed in a later release.
But what if you could get reliable guidance and a suggested fix for those vulnerabilities? Now you can – using Generative AI.
We previously announced AI Guided Remediation for IaC, and now we’re happy to introduce AI Security Champion with auto-remediation for SAST.
This solution goes beyond mere identification by offering actionable fixes alongside each finding.
These recommendations, tailored to the specific vulnerability, allow developers to:
- Deepen their understanding of the issue’s nature and impact.
- Navigate the remediation process with confidence, saving time and resources.
- Make the fix as quickly and easily as possible.
Introducing AI Security Champion for SAST
AI Security Champion for SAST uses the power of GenAI to recommend code to fix each vulnerability.
The AI Security Champion goes beyond simply identifying vulnerabilities. While guided remediation provides AI-generated assistance, suggestions, explanations, and other guidance in human-readable language, auto-remediation provides the specific code that can be used directly within the development workflow.
This empowers developers to confidently navigate the remediation process, saving valuable time and resources, enabling developers to review and then automatically implement the fix. It’s as simple as copy and paste (and soon, we will also add the ability to automatically implement it at the touch of a button)!
This integration signifies a significant advancement in the realm of application security testing. By harnessing the power of artificial intelligence, we’re excited to offer a streamlined and efficient approach to vulnerability remediation, enabling organizations to achieve their security goals without compromising development velocity.
How It Works
AI Security Champion with auto-remediation is an integral part of the Checkmarx One platform, which makes it easy to adopt and implement. The new AI Security Champion function meets developers where they are – within the integrated development environments (IDE) that developers are already using.
Initial Setup
To set it up, select the “AI Security Champion” plugin from the plugins menu within Checkmarx One.
Then connect to ChatGPT.
Make AI Your Newest Security Champion
Once it’s set up, this is where to start moving forward. Everything takes place in the IDE as Checkmarx is fully integrated. Developers stay in their natural environment.
After setup, select a vulnerability from Checkmarx One results.
Select the “AI Security Champion” tab from the Checkmarx One results and click Start Remediation.
AI Security Champion shows the developer the following:
- Confidence score – On a scale of 0 (low) to 100 (high), indicates the degree of confidence of how exploitable the vulnerability is in the context of your code.
- Explanation – An OpenAI-generated description of the vulnerability.
- Proposed remediation – A customized code snippet, generated by OpenAI, that can be used to remediate the vulnerability in your code.
- “Ask a question” – An additional prompt to ask AI Security Champion about the vulnerability or proposed code.
How to Get Started
Checkmarx SAST users on Checkmarx One can get started right away. Simply enable AI Security Champion.
Taking advantage of the capabilities brought by AI is just another reason to use Checkmarx One. Existing CxSAST customers can work with their customer success manager to migrate to Checkmarx One.
Existing customers can contact their account manager to learn more. Everyone else, contact Checkmarx today.