Supported SAST tools

Mobb generates the auto-fix analysis by consuming a SAST scan report from one of the supported SAST tools:

• Checkmarx

• Fortify

• Snyk

• CodeQL (GitHub Advanced Security)

Supported programming languages

The following are the currently supported programming languages by Mobb:

• Java

• JavaScript and TypeScript

• C#

Click here to see more details on the specific issue types that Mobb currently supports.

Supported Source Code Management (SCM) tools

Mobb provides the ability to automatically commit fixed code back to your Source Code Management tools. Here are the SCM tools that Mobb currently supports:

• GitHub

• GitLab

• Azure Repo

If your SCM is not listed here, Mobb also provides you with the ability to download the fixed code via a .diff file which you can apply manually to your Git repository.

Bugsy (Mobb CLI)

The community edition version of Mobb, or what we called Bugsy, is a command-line interface (CLI) tool that provides automatic security vulnerability remediation for your code. Bugsy requires the following pre-requisite to run in your environment:

• Node.js Version: Node.js version 18 or higher.

• Compatibility: Bugsy is designed to run in diverse environments, including docker containers, CI/CD pipelines, and bare-metal setups.