Mobb, a startup company, is aiming to help organizations fix vulnerabilities in their code more efficiently and effectively by leveraging AI and deterministic security algorithms. As the frequency of vulnerability scans increases, organizations are faced with the challenge of identifying and resolving a growing number of vulnerabilities. This process can be time-consuming and expensive, as manual fixes often require significant resources.
According to Eitan Worcel, the CEO and co-founder of Mobb, a single code scanning report may contain thousands of findings, and fixing each vulnerability can take anywhere from 30 minutes to several hours or even days. This not only costs organizations hundreds or thousands of dollars but also diverts resources away from developing new innovations and securing applications.
To address this issue, Mobb has developed a platform that combines AI, static code analysis, and deterministic security algorithms to analyze vulnerability scan results and recommend fixes based on best practices. After running a vulnerability scan with a static application security testing (SAST) tool, developers can upload the results to Mobb’s platform. The “fix engine” of Mobb’s platform then identifies the problematic sections of code and provides recommendations for fixes. When a developer accepts a fix, Mobb implements it and incorporates the decision into its AI, thereby improving future fix recommendations.
However, it is worth noting that Mobb does not find vulnerabilities itself. Instead, it focuses on fixing identified vulnerabilities, which sets it apart from other vulnerability scanning tools. Worcel emphasizes that Mobb’s goal is to help organizations fix vulnerabilities quickly and effectively, enabling them to create more secure applications.
One of the key factors behind Mobb’s success is the team’s extensive experience in application security. Worcel highlights that the team’s knowledge of how developers think and work has allowed them to build a fix engine that developers can trust and utilize. Mobb’s platform provides a fix assurance score and stability information for each fix, empowering developers to make informed decisions about implementing fixes. Worcel acknowledges that developers often prefer to focus on developing new features and innovations rather than dealing with security vulnerabilities, and Mobb’s platform aims to alleviate this burden.
In addition to its current capabilities, Mobb has plans to introduce new features and enhancements. For instance, the company is working on enabling the automatic consumption of generated fixes into integrated development environments (IDEs) or Git repositories. This will streamline the process of implementing fixes and improve the onboarding experience for users. Mobb also intends to update its AI-powered fix engine to support additional programming languages, increase the availability of fixes, and enhance the accuracy of its recommendations.
As one of the four finalists in the prestigious Black Hat Startup Spotlight competition, Mobb is set to present its business model to a panel of judges. The event, taking place at the Mandalay Bay in Las Vegas, will showcase the innovative approaches and solutions offered by these startups. Mobb will also be conducting live demos at its booth during the Black Hat conference, demonstrating how its platform fixes vulnerabilities from security reports generated by leading SAST providers.
The name “Mobb” was inspired by the character of Winston Wolfe in the movie Pulp Fiction, who famously said, “I’m Winston Wolfe. I solve problems.” Worcel explains that Mobb aims to solve the problem of security backlogs by doing the “dirty work” of fixing vulnerabilities.
Mobb, founded in November 2021, has already raised $5.4 million in seed funding. The company currently has a team of nine employees who are dedicated to improving the security of applications and helping organizations address their vulnerabilities effectively.
As Mobb continues to develop and expand its platform, it aims to be the go-to solution for organizations seeking efficient and reliable vulnerability fixes. By saving time and resources, Mobb empowers organizations to focus on innovation while ensuring the security of their applications.
