How does Corgea work?
January 18, 2024
Expanding Our Capabilities: Java, Go, and Ruby
We at Corgea are thrilled to announce the expansion of our automated code fix capabilities to now include Java, Go, and Ruby. These languages are widely used among developers, and we understand the importance of security coverage across all the programming languages a company uses.
The Drive Behind the Innovation
Our commitment to security doesn't stop at identifying vulnerabilities; it extends to actively resolving them. This new feature stems from our desire to make Corgea a comprehensive platform for all types of programming. Companies need to secure and support a wide mix of programming languages, frameworks, and packages, and we felt that it was our responsibility to help them have the best coverage across their applications, microservices, scripts, and data science notebooks.
How It Works
1. Detection: Our platform interfaces with leading Static Application Security Testing (SAST) scanners like Snyk and Semgrep to identify vulnerabilities in your source code.
2. Analysis: Once a vulnerability is detected, our AI system comprehensively analyzes the code context and the nature of the vulnerability.
3. Automated Fixes: Leveraging advanced AI algorithms, Corgea automatically generates a fix for the identified vulnerability, tailored to the specific requirements of the language in question, be it Java, Go, or Ruby. This includes frameworks built on these languages such as Ruby on Rails.
4. Review and Integration: The suggested fix is presented for developer review. Once approved, it can be seamlessly integrated into the existing codebase, ensuring minimal disruption to the development process.
Showing It In Action
The screenshot below shows a Ruby on Rails application (Railsgoat) with a Cross-site Scripting vulnerability that was detected by Semgrep. Corgea generated a fix and an explanation to educate the developer on what it did. This information is sent within the pull request.
Our journey doesn't end here. With plans to incorporate more programming languages in the near future, we're continuously working towards making Corgea the go-to platform for automated security solutions in the software development industry. Use it today for free!