Overview

Arnica utilizes OpenAI's ChatGPT to provide mitigation code samples for code risks, such as SAST and IaC vulnerabilities.

The integration with OpenAI provides the following benefits:

1. Cutting-Edge AI Models: OpenAI offers some of the most advanced AI models, which are at the forefront of AI research and development.

2. Community and Support: As a leading AI research organization, OpenAI has a vast community of developers and researchers, providing a rich source of knowledge and support.

3. Continuous Updates: OpenAI continuously improves its models based on the latest research and user feedback.

Installation process

Get the API key

1. Login to the OpenAI Platform and navigate to the API keys page.

2. Click on Create a new secret key and provide a name that can identify this integration.

3. Copy the key after clicking on Create.

Integrate

1. Navigate to the Integrations page in Arnica and click on OpenAI.

2. Fill the API key from the previous step.

3. Click on Validate.

4. Ensure that OpenAI is in the existing integrations list.

User Experience

Arnica allows the users to select when to trigger the OpenAI recommendation request, so that the cost of OpenAI will remain relatively low compared to execution on every finding.

To see the recommendation, navigate to the Code Risks page and click on one of the SAST / IaC findings. Click on the OpenAI icon on the top right corner of the details pane - it will spin while the recommendation is generated and validated by Arnica.

The code example recommendation will be dynamically generated in the details pane, followed by the explanation of the generated code to ensure the solution is clear as much as possible for the developer or Arnica operator.