Checkmarx, the world leader in application security solutions, has announced the CheckAI plugin for ChatGPT, the industry’s first plugin to help detect and prevent potential attacks against code generated by ChatGPT. The plugin allows developers and security teams to protect against attacks caused by malicious open source packages and dependencies while working within the ChatGPT interface.
“Nothing more perfectly represents the decision-making tension faced by CISOs than the existence of both significant opportunities and new vulnerabilities presented by open source and GenAI-generated code,”
“Checkmarx has long been a pioneer in application security for enterprise customers and, with GenAI playing an increasing role in application development, we’re pleased to provide the first solution to help protect against the new generation of attacks already emerging. With CheckAI, CISOs can rest assured that the superior developer experience will ensure that AppSec standards are met while accelerating applications’ time-to-delivery.”
Sandeep Johri, CEO at Checkmarx.
With the CheckAI plugin for ChatGPT combined with Checkmarx Supply Chain Threat Intelligence, CISOs and application security managers can ensure that development teams are leveraging time-saving GenAI tools like ChatGPT while remaining compliant and compliant with AppSec standards.
In a highly productive environment that delivers a superior development experience, development teams can easily:
- Scan their GPT-generated code for vulnerabilities within the ChatGPT interface
- Receive instant feedback on potential vulnerabilities or validation of open source packages
- Employ protection against malicious open source packages
“With GenAI disrupting how we develop software we need to make sure we provide the right tools and governance to our developers for utilizing GPT. Nobody is slowing down.”
“For CHEQ, as the leader in protecting marketing teams from the hazards of GenAI, protecting our developers is as important. With the CheckAI Plugin for ChatGPT, we’re able to protect our developers against the new types of attack that GenAI brings to the table.”
Sharon Uda, VP of Engineering at CHEQ.
“We’re already seeing new attacks against GenAI solutions, including ‘AI hallucinations’ and prompt injections, and the OWASP Foundation has already published the first draft of the OWASP Top 10 list for LLMs,”
“We’re very excited to be the first AppSec vendor to provide real solutions to protect against these new types of attacks and encourage all GenAI solution providers to partner with us as we continue to expose new ones.”
Ori Bendet, VP of Product Management at Checkmarx.
In December 2022, security researchers at Checkmarx AppSec discovered a flaw in the OpenAI registration process that could allow unlimited credit on new accounts. The team reported the vulnerability to OpenAI and OpenAI quickly fixed it. OpenAI is a research and development company with a mission to create secure and powerful AI that benefits all of humanity.
The CheckAI plugin for ChatGPT is available as part of the ChatGPT plugin Beta – now available to all ChatGPT Plus users – and protects against malicious packages and open source dependencies. Additional use cases, such as fast protection, IaC authentication, API authentication, etc. will be added as part of future release plans. CheckAI is powered by Checkmarx One, the industry’s most comprehensive application security platform, and Checkmarx Supply Chain Threat Intelligence to detect malicious open source packages.
Purpose-built for cloud-native app development, Checkmarx One is highly scalable and integrates seamlessly with developers’ preferred development environments and tools.