GitHub enhances security: AI agents check pull requests
A new security analysis with AI agents is intended to improve the static checking of pull requests.
(Image: amgun/Shutterstock.com)
GitHub has announced AI support for searching for vulnerabilities in code. An initial preview is expected in early Q2.
The AI agent complements GitHub's current static code analysis tool, the database-driven CodeQL, which is limited to a handful of major languages such as Java, TypeScript, Python, or Go. With the agent, checking Bash, Dockerfiles, HCL (HashiCorp Configuration Language, used for Terraform, among others), PHP, and other languages should also become possible. The agent is intended to find code problems such as database commands and SQL queries assembled from arbitrary strings, weak cryptographic implementations, or the disclosure of infrastructure configurations.
In its announcement, GitHub describes that the security mechanism activates automatically for new pull requests and decides whether the analysis is carried out by a CodeQL query or by the AI agent. The result appears directly within the pull request and can be fixed immediately using the Autofix function.
(who)