GitHub Copilot update includes security vulnerability filtering

GitHub Copilot, the controversial tool that provides AI-assisted coding to developers, has been enhanced with algorithms to improve the quality and security of its coding suggestions.

Enhancements unveiled February 14 include an update to the underlying OpenAI Codex AI model to support large-scale improvements to code quality suggestions. The time required to deliver suggestions has also been reduced. These enhancements are available for both Copilot for Individuals and Copilot for Business.

Additionally, AI-based vulnerability filtering in Copilot now blocks insecure coding patterns in real time. Common vulnerable coding patterns that are targeted include hard-coded credentials, path injections, and SQL injections. Vulnerable patterns can even be detected in incomplete fragments, GitHub said.
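The three pattern classes named above, each shown in a vulnerable form beside a hardened one. This is an added example, not GitHub's code and not a depiction of Copilot's filter, which the article does not describe; the user table, upload directory, key string, and `APP_API_KEY` variable are constructed for illustration.

```python
import os
import posixpath
import sqlite3
from pathlib import PurePosixPath

BASE_DIR = PurePosixPath("/srv/app/uploads")  # hypothetical upload root

def make_db():
    # Constructed sample data held in memory.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, role TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "admin"), ("bob", "user")])
    return db

# --- SQL injection ---
def find_user_vulnerable(db, name):
    # Input is concatenated into the statement, so it can rewrite the query.
    return db.execute(f"SELECT name FROM users WHERE name = '{name}'").fetchall()

def find_user_safe(db, name):
    # Bound parameter: the driver treats the input strictly as data.
    return db.execute("SELECT name FROM users WHERE name = ?", (name,)).fetchall()

# --- Path injection ---
def resolve_vulnerable(filename):
    # Joining untrusted input lets "../" segments climb out of BASE_DIR.
    return PurePosixPath(posixpath.normpath(str(BASE_DIR / filename)))

def resolve_safe(filename):
    # Normalise first, then require the result to stay under BASE_DIR.
    candidate = PurePosixPath(posixpath.normpath(str(BASE_DIR / filename)))
    if not candidate.is_relative_to(BASE_DIR):  # Python 3.9+
        raise ValueError("path escapes upload directory")
    return candidate

# --- Hard-coded credentials ---
def get_api_key_vulnerable():
    return "CONSTRUCTED-EXAMPLE-KEY"  # secret committed along with the source

def get_api_key_safe(env=os.environ):
    # Secret is supplied by the runtime environment, never stored in the repo.
    key = env.get("APP_API_KEY")
    if not key:
        raise RuntimeError("APP_API_KEY is not set")
    return key
```
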

An AI pair programming tool trained using code from public repositories, Copilot offers auto-complete-style suggestions in a variety of programming languages. Copilot can be accessed via extensions to Visual Studio Code, Visual Studio, Neovim, and the JetBrains suite of IDEs. Users can sign up for a free trial of Copilot at GitHub.com.

GitHub this week also announced the general availability of GitHub Copilot for Business for all enterprises, even those that do not use GitHub. This announcement follows a beta phase that began in December. Businesses can sign up for Copilot and immediately assign seats. Also featured in GitHub Copilot for Business is VPN proxy support, so it is possible to use Copilot in any working environment.

Since its introduction in June 2021, Copilot has come under fire, with questions raised about the propriety of using publicly available code to train the AI. These concerns prompted a lawsuit and protests from the Free Software Foundation. But GitHub said this week that more than 400 organizations are already using Copilot, and that the tool is helping developers code faster.

Copyright © 2023 IDG Communications, Inc.
