
Enrich security vulnerabilities using AI

This guide demonstrates how to leverage 3rd-party AI tools within Port to get additional details on security vulnerabilities and mitigation strategies.

Code security tools provide context for issues in your code. In this guide, we will demonstrate how to leverage AI to better understand these issues and how to fix them. After completing it, developers can resolve issues faster and more independently.

Prerequisites

AI model compatibility

The examples in this guide are based on the OpenAI GPT-4 model, but you can adapt the configurations to work with any LLM API that supports similar request/response formats.

Set up data model

If you have one of Port's security integrations installed (Snyk, Wiz, or SonarQube), you can simply follow these steps to add the ai_summary property to your existing issue or vulnerability blueprint:

  1. Go to your Builder page.

  2. Search for the blueprint you want to update.

  3. Click on the {...} button in the top right corner, and choose "Edit JSON".

  4. Add this JSON snippet to the properties of the blueprint:

    "ai_summary": {
      "type": "string",
      "title": "AI Analysis",
      "description": "AI-generated analysis and remediation steps",
      "format": "markdown"
    }

  5. Click Save.

However, if you don't have a security integration installed, follow these steps to create a new blueprint with the structure below:

  1. Go to your Builder page.

  2. Click on the + Blueprint button.

  3. Click on the {...} button in the top right corner, and choose "Edit JSON".

  4. Copy and paste the following JSON configuration into the editor.

    Security Issue Blueprint

    {
      "identifier": "securityVulnerability",
      "title": "Security Vulnerability",
      "icon": "Vulnerability",
      "schema": {
        "properties": {
          "cveId": {
            "type": "string",
            "title": "CVE ID",
            "description": "Common Vulnerabilities and Exposures identifier"
          },
          "severity": {
            "type": "string",
            "title": "Severity",
            "enum": ["low", "medium", "high", "critical"],
            "enumColors": {
              "low": "green",
              "medium": "yellow",
              "high": "orange",
              "critical": "red"
            }
          },
          "description": {
            "type": "string",
            "title": "Description",
            "description": "Vulnerability description"
          },
          "ai_summary": {
            "type": "string",
            "title": "AI Analysis",
            "description": "AI-generated analysis and remediation steps",
            "format": "markdown"
          }
        },
        "required": []
      },
      "mirrorProperties": {},
      "calculationProperties": {},
      "aggregationProperties": {},
      "relations": {}
    }

  5. Click Save.

Implementation

Add Port secrets

To add this secret to your portal:

  1. Click on the ... button in the top right corner of your Port application.

  2. Click on Credentials.

  3. Click on the Secrets tab.

  4. Click on + Secret and add the following secret:

    • OPEN_AI_API_KEY - Your OpenAI API key

Secret naming

You can give any name to your secrets, just remember to reference it correctly in the action configuration. For other providers, you might use names like ANTHROPIC_API_KEY, GEMINI_API_KEY, etc.

For more information about managing secrets, see the secrets documentation.

Create a self-service action

Follow these steps to create the self-service action:

  1. Head to the self-service page.

  2. Click on the + New Action button.

  3. Click on the {...} Edit JSON button.

  4. Copy and paste the following JSON configuration into the editor.

    Enrich entity with security issue analysis

    {
      "identifier": "enrich_security_vulnerability_using_ai",
      "title": "Enrich entity with security issue analysis using AI",
      "icon": "Codacy",
      "trigger": {
        "type": "self-service",
        "operation": "DAY-2",
        "userInputs": {
          "properties": {},
          "required": [],
          "order": []
        },
        "blueprintIdentifier": "securityVulnerability"
      },
      "invocationMethod": {
        "type": "WEBHOOK",
        "url": "https://api.openai.com/v1/chat/completions",
        "agent": false,
        "synchronized": true,
        "method": "POST",
        "headers": {
          "RUN_ID": "{{ .run.id }}",
          "Content-Type": "application/json",
          "Authorization": "Bearer {{ .secrets.OPEN_AI_API_KEY }}"
        },
        "body": {
          "model": "gpt-3.5-turbo",
          "messages": [
            {
              "role": "system",
              "content": "you are a security expert and should help remediate issues. Lookup for this CVE and provide in markdown few sentences on what is it and how to resolve. Limit to 500 chars. Return in markdown formatting."
            },
            {
              "role": "user",
              "content": " {{ .entity.properties.cveId }} "
            }
          ]
        }
      }
    }

    Configuration adjustments

    Make sure to adjust the following fields:

    • OPEN_AI_API_KEY - Should be the name of the secret you created in the previous step.
    • blueprintIdentifier - Adjust based on the blueprint representing security issues in your data model (e.g., snykVulnerability, wizIssue, sonarQubeIssue for Snyk, Wiz, and SonarQube respectively).
    • cveId - Choose the field where you store the CVE ID (this may vary depending on your integration: cveId, cveID, issueId, etc.).
  5. Click Save.

Create an automation to update entity

After each execution of the action, we trigger an automation that takes the response from the action (the LLM API response), extracts the answer, and writes it to the new markdown field (ai_summary).

To create the automation:

  1. Head to the automation page.

  2. Click on the + Automation button.

  3. Copy and paste the following JSON configuration into the editor.

    Update security issue based on AI

    {
      "identifier": "updateSecurityIssueWithAIResponse",
      "title": "Update security issue based on AI",
      "trigger": {
        "type": "automation",
        "event": {
          "type": "RUN_UPDATED",
          "actionIdentifier": "enrich_security_vulnerability_using_ai"
        },
        "condition": {
          "type": "JQ",
          "expressions": [
            ".diff.after.status == \"SUCCESS\""
          ],
          "combinator": "and"
        }
      },
      "invocationMethod": {
        "type": "UPSERT_ENTITY",
        "blueprintIdentifier": "securityVulnerability",
        "mapping": {
          "identifier": "{{ .event.diff.after.entity.identifier }}",
          "properties": {
            "ai_summary": "{{ .event.diff.after.response.choices[0].message.content }}"
          }
        }
      },
      "publish": true
    }

    Blueprint identifier

    Remember to replace the securityVulnerability identifier with the identifier of your blueprint if you are using any of Port's security integrations, i.e. snykVulnerability, wizIssue, or sonarQubeIssue for Snyk, Wiz, and SonarQube respectively.

  4. Click Save.
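
The action and automation above can be checked locally before wiring them into Port. The following Python sketch is an added example, not part of Port's guide: it validates the CVE field before it becomes the user message, builds the same request body as the action, and extracts `choices[0].message.content` the way the automation mapping does. The function names, the placeholder CVE ID, and the sample response are constructed for illustration.

```python
import re

# CVE identifier syntax: "CVE-", a 4-digit year, then 4 or more digits.
CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}")

# System prompt copied from the action's body on this page.
SYSTEM_PROMPT = (
    "you are a security expert and should help remediate issues. Lookup for "
    "this CVE and provide in markdown few sentences on what is it and how to "
    "resolve. Limit to 500 chars. Return in markdown formatting."
)

def build_request_body(cve_id, model="gpt-3.5-turbo"):
    """Build the chat-completions body the action sends, rejecting non-CVE input."""
    cve_id = cve_id.strip()
    if not CVE_RE.fullmatch(cve_id):
        # Free text in the CVE field would reach the LLM as a user message.
        raise ValueError(f"not a CVE identifier: {cve_id!r}")
    return {
        "model": model,
        "messages": [
            {"role": "system", "content": SYSTEM_PROMPT},
            {"role": "user", "content": cve_id},
        ],
    }

def extract_summary(response, max_chars=500):
    """Read choices[0].message.content, as the automation mapping does, with checks."""
    choices = response.get("choices") or []
    if not choices:
        raise ValueError("response has no choices")
    content = (choices[0].get("message") or {}).get("content")
    if not isinstance(content, str) or not content.strip():
        raise ValueError("response has no message content")
    # Assumption: the markdown renderer may pass raw HTML through, so escape "<".
    content = content.strip().replace("<", "&lt;")
    # The prompt asks for 500 chars but the model may ignore it; enforce the cap.
    return content[:max_chars]

# Constructed sample response (placeholder CVE ID, not real API output).
SAMPLE_RESPONSE = {
    "choices": [
        {"message": {"role": "assistant",
                     "content": "**CVE-2099-0001**: upgrade the package. <img src=x>"}}
    ]
}

if __name__ == "__main__":
    print(build_request_body(" CVE-2099-0001 "))
    print(extract_summary(SAMPLE_RESPONSE))
```
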

Let's test it!

  1. Head to the self-service page of your portal.

  2. Click on the Enrich security issue using AI action.

  3. Choose the security issue you want to analyze.

  4. Click on Execute.

  5. Wait for the AI to analyze the security issue.

  6. Verify that the entity in Port has been updated with the AI-generated analysis in the ai_summary field.