Auto-Fix

Automatically generate pull requests to fix Common Vulnerabilities and Exposures (CVEs) in your codebase. Reduce manual effort by 90% and accelerate your security response time.

What is Auto-Fix?

Auto-Fix is Prismor's AI-powered vulnerability remediation engine that analyzes CVEs in your codebase and automatically generates pull requests with fixes.

Instead of spending days manually researching and fixing vulnerabilities, Auto-Fix handles the entire process—from analysis to PR creation—in minutes.

  • 2-3 weeks: average time to remediate a critical CVE
  • 70%: of vulnerabilities remain unpatched after 6 months
  • $4.45M: average cost of a data breach from unpatched vulnerabilities

How Prismor Automates CVE Remediation

1. Vulnerability Detection

Prismor continuously scans your repositories and identifies vulnerabilities across dependencies, containers, and code. Each CVE is analyzed for severity, exploitability, and impact on your specific codebase.

2. AI-Powered Analysis

Our AI engine analyzes the vulnerability context, available patches, dependency trees, and your codebase structure to determine the optimal remediation strategy—whether it's a version upgrade, backport patch, or code modification.

3. Automated Fix Generation

The system automatically generates the necessary code changes, dependency updates, or configuration modifications required to remediate the vulnerability while maintaining compatibility with your existing code.

Example Fix:

- "lodash": "^4.17.15"
+ "lodash": "^4.17.21"
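
Review bot: on the changed "lodash" line, the old range ^4.17.15 already admits 4.17.21, so this edit only raises the minimum the manifest will accept; the version actually installed is recorded in the lockfile, which this hunk does not show. Include the regenerated lockfile in the same change so manifest and lockfile agree, and confirm that no transitive dependency still resolves an older lodash.
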
Fixes CVE-2020-8203: Prototype pollution vulnerability

4. Pull Request Creation

A comprehensive GitHub pull request is automatically created with:

  • Detailed vulnerability description and CVE details
  • Impact analysis on your specific codebase
  • Complete fix implementation with code changes
  • Testing instructions and verification steps
  • Rollback procedures if needed

Getting Started with Auto-Fix

1. Enable Auto-Fix for Your Repository

Navigate to your repository dashboard and enable the Auto-Fix feature in settings.

2. Review Detected Vulnerabilities

View all detected vulnerabilities in the Vulnerabilities tab. Click "Generate Fix" on any CVE to trigger Auto-Fix.

3. Monitor Fix Generation

Track the progress in the "AI Fixes" tab. You'll see real-time updates as the AI analyzes and generates fixes.

4. Review and Merge Pull Requests

Once complete, review the automatically created GitHub PR. Test the changes in your CI/CD pipeline and merge when ready.

Best Practices

Do's

  • Review each auto-generated PR before merging
  • Run your test suite on the PR branch
  • Prioritize critical and high severity CVEs
  • Set up CI/CD checks for automated testing
  • Keep your dependencies regularly updated

Don'ts

  • Don't merge without testing in staging
  • Don't ignore breaking change warnings
  • Don't skip reviewing the fix details
  • Don't disable Auto-Fix without understanding impact
  • Don't delay addressing critical vulnerabilities
