News
Checkmarx launch AI solutions for the Checkmarx One platform
May 2024 by Marc Jacob
As a new crop of AI-related threats emerges from the rapid adoption of generative AI (GenAI) tools within application development, Checkmarx has forged a secure path forward for enterprise development and AppSec teams. Building on its earlier innovations to protect ChatGPT-generated code and provide AI-guided remediation, the company is now announcing the launch of its AI Security offering, which includes AI Security for GitHub Copilot, AI Security Champion and real-time in-IDE scanning to empower developers to validate AI-generated code, auto-remediate vulnerabilities and write more secure code from the start.
These new solutions not only secure AI-generated code from potential threats, but also improve the accuracy of and speed at which security issues can be discovered and remediated in code. A new partnership with Prompt Security further extends this secure, streamlined approach to the prevention of code and intellectual property (IP) leakage.
With these new tools and the Prompt Security integration partnership, Checkmarx is addressing two areas of risk arising from the use of GenAI tools that are already in widespread use by development teams: securing the output provided by GenAI tools and securing the data and intellectual property being shared with them.
“GenAI is being rapidly adopted by both application development teams and by threat actors, with little visibility into the extent of use and potential risks for CISOs and AppSec leaders,” said Michelle Abraham, research director, Security and Trust at IDC. “There is a significant market need for solutions that can enable developers to harness GenAI’s potential as an accelerator while providing security leaders with the oversight and risk mitigation required to ensure mature AppSec.”
These new AI solutions within the Checkmarx One platform are equipping developers and AppSec teams with new ways to check and remediate vulnerabilities in real-time:
• AI Security for GitHub Copilot: Scans code generated by GitHub Copilot in the IDE, detecting security issues and ensuring that AI-generated code adheres to security best practices.
• AI Security Champion: Introduces auto-remediation for SAST vulnerabilities. AI Security Champion significantly speeds up time to remediation by suggesting replacement code that removes vulnerabilities detected by Checkmarx SAST.
• Real-time, in-IDE scanning: Provides real-time feedback to developers as they write code within their IDEs. It scans the developer’s code as it’s written, detecting security issues in the code and presenting them within the IDE. Instant feedback ensures that the developer’s code is well-protected and secure from the start, while maintaining productivity.
• Checkmarx GPT: Extends open source and malicious packages detection with the ability to scan ChatGPT-generated source code and is available in the GPTStore.
