AI Security Champion; AI Security for GitHub Copilot; and real-time, in-IDE code scanning secure AI-generated code and accelerate developers’ security adoption
As a new crop of AI-related threats emerges from the rapid adoption of generative AI (GenAI) tools within application development, Checkmarx, the industry leader in cloud-native application security for the enterprise, has forged a secure path forward for enterprise development and AppSec teams. Building on its earlier innovations to protect ChatGPT-generated code and provide AI-guided remediation, the company is now announcing the launch of its AI Security offering, which includes AI Security for GitHub Copilot, AI Security Champion and real-time in-IDE scanning to empower developers to validate AI-generated code, auto-remediate vulnerabilities and write more secure code from the start.
These new solutions not only secure AI-generated code from potential threats, but also improve the accuracy of and speed at which security issues can be discovered and remediated in code. A new partnership with Prompt Security further extends this secure, streamlined approach to the prevention of code and intellectual property (IP) leakage.
With these new tools and the Prompt Security integration partnership, Checkmarx is addressing two areas of risk arising from the use of GenAI tools that are already in widespread use by development teams: securing the output provided by GenAI tools and securing the data and intellectual property being shared with them.
Also Read: McAfee and Intel Showcase AI-Powered Deepfake Detection Technology on the AI PC at RSA
“GenAI is being rapidly adopted by both application development teams and by threat actors, with little visibility into the extent of use and potential risks for CISOs and AppSec leaders,” said Michelle Abraham, research director, Security and Trust at IDC. “There is a significant market need for solutions that can enable developers to harness GenAI’s potential as an accelerator while providing security leaders with the oversight and risk mitigation required to ensure mature AppSec.”
These new AI solutions within the Checkmarx One platform are equipping developers and AppSec teams with new ways to check and remediate vulnerabilities in real-time:
- AI Security for GitHub Copilot: Scans code generated by GitHub Copilot in the IDE, detecting security issues and ensuring that AI-generated code adheres to security best practices.
- AI Security Champion: Introduces auto-remediation for SAST vulnerabilities. AI Security Champion significantly speeds up time to remediation by suggesting replacement code that removes vulnerabilities detected by Checkmarx SAST.
- Real-time, in-IDE scanning: Provides real-time feedback to developers as they write code within their IDEs. It scans the developer’s code as it’s written, detecting security issues in the code and presenting them within the IDE. Instant feedback ensures that the developer’s code is well-protected and secure from the start, while maintaining productivity.
- Checkmarx GPT: Extends open source and malicious packages detection with the ability to scan ChatGPT-generated source code and is available in the GPTStore.
“Checkmarx is leading the way with our continuous investment and innovation in the area of GenAI and application security,” said Kobi Tzruya, Chief Product Officer at Checkmarx. “In order to secure enterprise data and applications, we’ve committed to improving the developer experience by bringing seamless AppSec capabilities into their workflows in a way that enables them to leverage the power of GenAI while mitigating the new risks that it can bring. Our partnership with Prompt Security illustrates our commitment to building an open technology ecosystem with innovative companies and their best-of-breed AI solutions.”
Source: BusinessWire