“Developers don’t care about security.”
I've heard this more times than I can count in my career, and I never believed it for a moment. It rings as hollow as saying, “teachers don’t care about kids”. If you've met a teacher, you'll likely agree that they care deeply. The real issue isn't a lack of caring, but the absence of the necessary tools and time to tackle the never-ending challenges in front of them. Sacrifices must often be made to meet the demanding needs of the business (or the school).
For the last year or so, we've been relentlessly pursuing the right solution to this problem. After speaking with hundreds of developers, managers, and security veterans, we've crafted a solution that zeros in on the heart of the challenge. As we've been building it, the anticipation has been killing us, and we can't wait to share it with you! But first, let's take an honest look at where we are today and why we must urgently address fixes to our code. Then, we'll introduce you to Pixeebot.
How We Got Here
We're living in an exhilarating age of developer productivity. IDEs predict our next keystrokes, AI copilots craft entire functions, and CI/CD pipelines drive our businesses forward in real time.
Software now permeates nearly every aspect of our lives: driving our cars, powering our medical devices, and more. But here's the chilling reality: every new line of code, including those generated by LLM-powered tools, could be a vulnerability. While we were celebrating the new coding era, security lagged, trapped in outdated cycles of analyzing, reporting, and creating tickets.
Even with top-notch tools, the journey from identifying a problem to ensuring safe code is winding, complex, and fraught with error. It involves tools developers despise and often relies on team members who lack the right skills. We frequently advise developers, “don’t write your own crypto”, yet demand they fix complex vulnerabilities. How can we accelerate while staying secure?
Introducing Pixeebot
The only scalable solution is having a security expert on every dev team. These experts could potentially harden code and fix vulnerabilities as fast as the developers (or AI assistants) can produce code. Unfortunately, there just aren't enough people with a deep understanding of security risks and coding practices.
Enter Pixeebot, your virtual product security engineer. Always present, it proactively hardens code, advises on pull requests, and responds to scans that detect vulnerabilities. Pixeebot is an always-on, always-available expert who speaks in code, not reports.
Built as a GitHub App, Pixeebot is engineered to boost developer productivity and eliminate backlog items, not just identify flaws. It's designed to feel like a coding partner, letting developers focus on innovation.
Powered by the open-source codemodder framework, Pixeebot's extensible platform can automate code changes specific to your team. It's time we made large-scale refactoring tools accessible to teams of all sizes, rather than just the few largest software companies in the world.
Who Are We?
We've been blessed to assemble a passionate team of developers who care about security and believe in a better way. We focus on solutions, not problems, to create the tool we wish had existed while we wrote software.
Our mission is to empower developers to craft top-quality code faster, fully leveraging generative AI's advancements.
What’s Next?
Security is just the beginning. The more users engage with Pixeebot, the more they see its potential for automated refactoring and for leveraging LLMs for code transformation. The possibilities are thrilling.
Our vision is a future where developers are 100X more prolific, developing code that is more secure, more performant, and of higher quality.
Conclusion
As developers, we're united by the goal to create exceptional software. With tools like Pixeebot, we're poised to achieve this with previously unattainable confidence and efficiency. We're excited about a future where our tools solve problems rather than create them.
Your thoughts and feedback are vital to our journey. We want to hear from you.
How does this future sound to you? Get Pixeebot today!
-- Arshan & Surag