“Nothing more perfectly represents the decision-making tension faced by CISOs than the existence of both significant opportunities and new vulnerabilities presented by open source and GenAI-generated code,” said Sandeep Johri, CEO at Checkmarx. “Checkmarx has long been a pioneer in application security for enterprise customers and, with GenAI playing an increasing role in application development, we’re pleased to provide the first solution to help protect against the new generation of attacks already emerging. With CheckAI, CISOs can rest assured that the superior developer experience will ensure that AppSec standards are met while accelerating applications’ time-to-delivery.”
With the CheckAI Plugin for ChatGPT in combination with Supply Chain Threat Intelligence from Checkmarx, CISOs and application security leaders can ensure that development teams take advantage of time-saving GenAI tools like ChatGPT while remaining aligned and compliant with AppSec standards.
Within a highly productive environment featuring a superior developer experience, development teams can readily:
“With GenAI disrupting how we develop software we need to make sure we provide the right tools and governance to our developers for utilizing GPT. Nobody is slowing down.” said Sharon Uda, VP of Engineering at CHEQ. “For CHEQ, as the leader in protecting marketing teams from the hazards of GenAI, protecting our developers is as important. With the CheckAI Plugin for ChatGPT, we’re able to protect our developers against the new types of attack that GenAI brings to the table.”
“We’re already seeing new attacks against GenAI solutions, including ‘AI hallucinations’ and prompt injections, and the OWASP Foundation has already published the first draft of the OWASP Top 10 list for LLMs,” said Ori Bendet, VP of Product Management at Checkmarx. “We’re very excited to be the first AppSec vendor to provide real solutions to protect against these new types of attacks and encourage all GenAI solution providers to partner with us as we continue to expose new ones.”
In December of 2022, Checkmarx AppSec security researchers discovered a vulnerability in the OpenAI signup process that could have allowed unlimited credit on new accounts. The team reported the vulnerability to OpenAI, who rapidly worked to resolve it. OpenAI is a research and development company with a mission to create safe and powerful AI that benefits all of humanity.
The CheckAI Plugin for ChatGPT is available as part of the ChatGPT plugins beta – which is currently available to all ChatGPT Plus users – and protects against malicious packages and open source dependencies. Additional use cases, such as prompt protection, IaC validations, API validation and more will be added as part of planned future releases.
CheckAI is powered by Checkmarx One, the industry’s most comprehensive application security platform, together with Checkmarx’ Supply Chain Threat Intelligence for detecting malicious open source packages. Purpose-built for cloud-native application development, Checkmarx One is highly scalable and integrates seamlessly with developers’ tools and development environments of choice.
For more information on early access to Checkmarx’ CheckAI Plugin for ChatGPT, visit this page.
About Checkmarx
Checkmarx is the leading application security provider, offering the industry’s most comprehensive and innovative cloud-native platform, Checkmarx One™. Fueled by intelligence from our industry-leading AppSec security research team, our products and services enable enterprises to shift everywhere in order to secure every phase of development for every application while simultaneously balancing the dynamic needs of CISOs, security teams, and development teams. We are honored to serve more than 1,800 customers, including 60 percent of Fortune 100 organizations, and are committed to moving forward with an unwavering dedication to the safety and security of our customers and the applications that power our day-to-day lives. Checkmarx. Make Shift Happen.
Follow Checkmarx on LinkedIn, YouTube, and Twitter
SOURCE Checkmarx