Generate SAST remediation guidance with (Beta)
Use to generate remediation guidance (including an issue summary, code analysis, and fix suggestion) for a SAST issue with a large language model (LLM).
Overview
When you run , it formulates prompts using:
- The issue's Common Weakness Enumeration (CWE) identifier
- The issue's description
- The line number on which the issue was found
- A code snippet that includes the issue (approximately 10 lines of code)
... that are sent to a private LLM service to generate remediation guidance that appears in , including:
- Issue Summary: A short description of the issue.
- Code Analysis: An analysis of the code in which the issue is identified.
- Fix Suggestion: A revision (in code) that may remediate the issue.
Note: The guidance generates is not preserved or shared with other users in your organization. If you navigate to a different page or sign out of , the remediation guidance you generated previously is discarded.
is compatible with SAST issues (and all the languages in the SAST Language Support table).
Data privacy
communicates with a LLM that runs on a private cloud service. Please note:
- None of the prompts or responses exchanged between and the LLM are used to:
- Train or improve the LLM.
- Improve the LLM provider's other products or services.
- does not retain source code used in prompts.
- User-submitted feedback on responses is not sent to the LLM.
- Each response from is only shared with the user who requests it.
- Data exchanged between and the LLM is encrypted for storage and transmission.
Accuracy and completeness
Warning: generates results created by artificial intelligence (AI) or other automated technologies. Such results are provided for informational purposes only and should not be relied upon for any specific purpose without verification of its accuracy or completeness.
Enable
- Go to My Organization > General.
- Select Enable Polaris Assist.