Fix code automatically with gen AI | Fluid Attacks Help

Warning on AI-generated fix suggestions
Always review the accuracy of remediation suggestions generated with AI.

Fluid Attacks' Autofix feature allows you to efficiently remediate vulnerabilities within your source code. Leveraging the power of generative AI, Autofix suggests custom modifications that transform your vulnerable code into secure code. Currently, this feature is available only for Fluid Attacks' VS Code extension.

Below is a simple explanation of how Autofix works and how to use it.

How Autofix works

Autofix sits on Fluid Attacks' VS Code extension, which retrieves vulnerability reports from Fluid Attacks' platform to show which lines of code are vulnerable directly in the IDE. Autofix's efficiency stems from its integration with GPT-4's advanced code analysis and generation capabilities. This powerful AI model can accurately identify vulnerabilities and produce targeted fixes, saving you time and effort in the remediation process. Once Autofix receives the code fragment, the model generates specific actions to address and remediate the vulnerability, returning the code with the implemented solution.

For details on Fluid Attacks' usage of GPT-4 to generate fixes and data privacy in relation to it, refer to the VS Code plugin FAQ.

Use Autofix

The Autofix functionality leverages GPT-4's ability to fix vulnerable code automatically. As a prerequisite, you must have installed Fluid Attacks' VS Code extension. With the extension installed, follow these steps:

  1. Click on the Fluid Attacks extension in VS Code's activity bar and locate the file containing the vulnerability you wish to fix.

  2. Click the hammer and wrench icon associated with that file to initiate Autofix.

    Autofix automatically establishes a connection with the GPT-4 AI model. This connection enables the model to analyze the code and generate the necessary fixes. During this process, you see the message "Trying to fix the vulnerability automatically."

  3. After a few seconds, the code is automatically modified. Review the AI-generated fix suggestion and proceed only after verification that the resulting code is secure.
