AI/ML, API security, Cloud Security

Automated code vulnerability remediation enabled by new GitHub AI tool

Share

Increasingly prevalent code security flaws have prompted GitHub to introduce a new artificial intelligence-powered tool enabling the automated remediation of security issues in the coding process for GitHub Advanced Security customers, reports TechCrunch.

Simultaneously leveraging the developer platform's Copilot and CodeQL tools, GitHub's code-scanning autofix feature, which is still in beta, has been touted to address over two-thirds of discovered code bugs, as well as cover over 90% of alert types across supported programming languages. GitHub also noted the tool's usage of OpenAI's GPT-4 model to determine the necessary fixes and provide additional details. "Just as GitHub Copilot relieves developers of tedious and repetitive tasks, code scanning autofix will help development teams reclaim time formerly spent on remediation. Security teams will also benefit from a reduced volume of everyday vulnerabilities, so they can focus on strategies to protect the business while keeping up with an accelerated pace of development," said GitHub. Such a development comes on the heels of a newly released Sentry AI Autofix functionality for production code debugging.

An In-Depth Guide to AI

Get essential knowledge and practical strategies to use AI to better your security program.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.