New Mobb feature helps developers remediate vulnerabilities

Mobb, a popular tool for DevSecOps teams, has introduced a new feature that enables immediate vulnerability detection during code implementation. Previously, Mobb allowed for the creation of patches based on the results of SAST scanning done by other companies, but only for specific individuals. Now, with the implemented changes, organizations can more effectively address these issues within the context of their DevSecOps project.

Mobb uses its own security research and traditional semantic analysis, supported by artificial intelligence (AI), to automatically generate collective patches for different vulnerabilities. The tool aims to help developers and DevSecOps teams remove vulnerabilities efficiently and consistently before application deployment.

Traditionally, developers and cybersecurity experts have struggled to agree on the significance of detected vulnerabilities. Discovered vulnerabilities often have no impact on running production applications, and in such cases developers waste time analyzing them and developing patches. The Mobb tool automatically creates the necessary patches, eliminating the need for discussions about the value of individual vulnerabilities.

For decades, development teams have been searching for ways to quickly address vulnerabilities. With the increasing popularity of DevSecOps practices, many organizations are focusing on software supply chain analysis as part of broader efforts to improve application security.

Of course, the Mobb tool has its limitations and may not always be able to deliver patches for all vulnerabilities. However, for a large number of routine vulnerabilities, such as SQL injection, developers can benefit from the efficiency and productivity gained by relying on ready-made patches.

The process of prioritizing, creating, and implementing patches is often frustrating for DevOps teams. Therefore, any tool that streamlines this process contributes to improving application security, particularly in the face of increasingly advanced cybercriminal activities. Mobb allows developers to maintain oversight of applied patches while minimizing the difficulties associated with their creation.

It is still unknown when the ability to automatically create patches will bring overall improvements in application security, but the implementation of Mobb is a step in the right direction.

The source of this article is the blog mivalle.net.ar