Hackers of India

AutoFix: Automated Vulnerability Remediation Using Static Analysis and LLMs

By Asankhaya Sharma on 19 Apr 2024 @ Blackhat : Arsenal

This Tool Demo covers the following tools, which the speaker has contributed to or authored:
AUTOFIX

Abstract

AutoFix is an innovative open-source tool that marries static analysis with advanced Large Language Models (LLMs) to automate the detection and remediation of software vulnerabilities. Utilizing cutting-edge models like StarCoder and Salesforce CodeGen2, AutoFix excels in generating precise patches for a wide range of vulnerabilities, identified through robust static analysis methods including Semgrep. Designed for developers, security professionals, and DevSecOps teams, AutoFix streamlines security integration in software development, balancing speed and accuracy in patch deployment. As a community-driven tool, it evolves continuously, embodying the future of automated, secure coding practices.