Pixee is your automated product security engineer that fixes vulnerabilities, automatically triages scanner findings, hardens code, squashes bugs, and frees engineers to concentrate on high-value, strategic work.
Can you elaborate on the capabilities of third-party auto-remediation? Will Pixeebot be able to fix findings from all kinds of tools that create more work for developers to address?
@terradactyl Yes! We've already built in the capability to take what a 3rd party scanner (e.g. SonarQube, Semgrep or GitHub CodeQL) finds and make a merge-ready pull request for the developer. This will save them MANY hours of time figuring out the problem, how to fix it and discussing it with the Security team. We will continue to expand this to many more tools as users request.
@gilday In short, we use AI selectively & with purpose where it is truly additive to the user value, not as a blunt instrument. We aren't using AI for the sake of saying it's AI, but there are many ways in which AI is uniquely helpful for this use case when used purposefully. Some of our "Pro" codemods leverage AI to add context to only make changes that are appropriate for that precise code base/repo. Sometimes we use it to add commentary that explains why we made a change and provide additional context specific to your code. Many more features are on the way too...
What's the coolest codemod fix you've seen in the wild?
@iulspop my personal favorites are the most critical issues like SQL injection or command injection that we've seen merged. That said, we also have a couple that are going through the responsible disclosure process currently and will be published as CVEs soon! 💪
Love how Pixeebot acts as your automated security engineer, offering code insights and merge-ready suggestions!
This looks great! One question, is there any way to use this outside of GitHub?
Thanks @shelley_dill! 🙏
Pixeebot can only be used through GitHub (free to install through the GitHub marketplace!) That said, we're actively rolling out new ways for developers to try out Pixee's automated code hardening.
Currently, there is a CLI available that you can use to see the types of changes Pixeebot would recommend locally before you install the GitHub app.
We're also working on making Pixee available to GitLab users, so make sure to keep an eye out for more updates!