An Israeli-based application security vendor, OX Security, has launched a plugin for ChatGPT, making use of the generative AI assistant’s abilities to improve software supply chain security and reduce the time taken to implement personalized security recommendations. OX Security said that generative AI has already affected the IT security sector, describing examples such as its use in drafting phishing messages and searching for vulnerabilities. The ChatGPT integration is designed to ensure that security teams can detect problems, receive code fixes, and rapidly respond to them. The OX-GPT plugin enables developers to gain genuine understanding of vulnerabilities by presenting information that highlights how hackers could exploit code issues. To tackle issues more efficiently, the plugin crafts “cut-and-paste code” designed specifically to secure and fix problems, along with a detailed explanation of how the fix works.
The plugin links OX’s OSC&R framework to ChatGPT’s learning model. This allows the AI to learn how to solve specific issues through anonymized data within the framework. Avivah Litan, a distinguished VP analyst at Gartner Research, believes that the plugin provides security teams with a valuable asset in the identification of code vulnerabilities. It gives developers the ability to speed up the process of remediation by interacting with ChatGPT using natural language, while enabling the AI engine to traverse vast knowledge to determine vulnerabilities and suggest remedial actions.
However, Lita cautioned that ChatGPT, while supporting development, is not a panacea for cybersecurity, citing the need for human involvement in ensuring continuous monitoring. Inaccurate information provided by the generative AI could generate false positives, which may undermine its reputation and limit its usage.
OpenAI, the developer of ChatGPT, introduced its plugin feature in March, and it debuted to pay subscribers this week. By allowing the AI service to interact with third-party data sets and features, the plugin provides a degree of flexibility and ensures broad usage. Although OpenAI initially projected consumer services such as OpenTable and Kayak, enterprise use cases for ChatGPT are yet to emerge.
OX-GPT became available to the public yesterday and is free for teams with up to 20 developers, but information on billing for larger companies is not available at this time.