Checkmarx, a leading provider of application security solutions, has announced the launch of its CheckAI Plugin for ChatGPT. This groundbreaking plugin is the first of its kind in the industry and is designed to detect and prevent potential attacks against ChatGPT-generated code.
ChatGPT is a popular tool that utilizes artificial intelligence (AI) to generate code and assist developers in their work. However, this reliance on AI-generated code has also created new vulnerabilities that can be exploited by malicious actors. With the CheckAI Plugin, developers and security teams can now protect their applications against attacks that stem from open source packages and dependencies within the ChatGPT interface.
Sandeep Johri, the CEO of Checkmarx, highlights the significance of this development, stating, "Nothing more perfectly represents the decision-making tension faced by CISOs than the existence of both significant opportunities and new vulnerabilities presented by open source and GenAI-generated code."
CheckAI is designed to address the growing role of AI in application development and ensure that security standards are met while accelerating delivery time. This plugin, used in conjunction with Supply Chain Threat Intelligence, enables CISOs and application security leaders to harness the benefits of AI tools like ChatGPT while remaining compliant with AppSec standards.
The CheckAI Plugin offers a superior developer experience, allowing development teams to work efficiently within a highly productive environment. The plugin provides protection against new forms of attacks specific to GenAI solutions, such as AI hallucinations and prompt injections. Checkmarx is the first application security vendor to offer tangible solutions to counter these emerging threats.
Sharon Uda, VP of Engineering at CHEQ, emphasizes the importance of protecting developers using GenAI tools like ChatGPT. She remarks, "With GenAI disrupting how we develop software, we need to make sure we provide the right tools and governance to our developers for utilizing GPT. Nobody is slowing down."
Ori Bendet, VP of Product Management at Checkmarx, urges other GenAI solution providers to collaborate in the fight against these new types of attacks. The company’s AppSec security researchers have already made important discoveries, including a vulnerability in the OpenAI signup process that could have led to unauthorized access.
The CheckAI Plugin for ChatGPT is currently available as part of the ChatGPT plugins beta. It safeguards against malicious packages and open source dependencies. Checkmarx plans to expand the functionality of the plugin in future releases, adding features like prompt protection, IaC validations, and API validation.
Driven by Checkmarx One, their comprehensive application security platform, CheckAI is poised to deliver innovative solutions to protect against evolving cyber threats. With its scalable architecture and seamless integration with development environments, Checkmarx One empowers developers while maintaining the highest level of security.
This latest development from Checkmarx signifies an important milestone in the ongoing quest for robust application security. By combining the power of AI with advanced security measures, organizations can continue to harness the benefits of GenAI tools while mitigating potential risks.