April 29, 2024

• Mobb Broker is now released. Mobb Broker allows users to connect their Mobb organization to self-hosted source code repositories that are not publicly accessible from the internet. Please contact us to learn more.

• New feature: Project pages now include a "Language" column that contains information about the languages present in the project.

• New feature: All previously committed fixes now include a "Link to commit".

• New feature: All fixes now contain a "Fix Info" tab, which contains additional info about the issue as well as fix instructions for the issue type.

• A new integration guide has been added for Atlassian Bamboo along with a sample integration YAML

• New stable fixes released:

  • Header Manipulation for C# (Fortify)

  • Password in Comment for XML (Fortify)

  • Server-Side Request Forgery for JavaScript (Checkmarx)

  Click here to see all currently supported fixes

April 18, 2024

• New stable fixes released:

  • Prototype Pollution for JavaScript

  • Insecure Cookie for C#

  • Cookie is not HttpOnly for C#

  • Locale Dependent Comparison for Java

  • Race Condition Format Flaw for Java

  • Server-Side Request Forgery for C#

  • Regular Expression Injection for Java

  • XSS for Java

  • Poor Error Handling: Overly Broad Catch for Java

  • Non-final Public Static Field for Java

  • Missing HSTS Header for JavaScript

  • Dead Code: Unused Field for Java

March 19, 2024

• New stable fixes released:

  • Insecure Randomness for Javascript

  • SQL Injection for Javascript

  • Command Injection for Javascript

  • Hardcoded Secrets in Javascript

  • Deprecated Function in Javascript

  • Null Dereference for C#

  • Trust Boundary Violations for C#

March 4, 2024

• Dashboard with ROI Calculator and Fix Management capabilities released. To see more details, click here.

  • The ROI Calculator identifies the total savings in cost and time from all automatic fixes

  • Fix Management dashboard identifies the most effective fixes available across all your projects

Feb 26, 2024

• New stable fixes released:

  • Path Traversal for JavaScript

  • Error Condition Without Action for Java

  • HTML Comment in JSP for Java

  • Default Definer Rights in Package or Object Definition for SQL

  • Improper Exception Handling for C#

  • Improper Resource Shutdown or Release for C#

Feb 7, 2024

• New stable fixes released:

  • jQuery Deprecated Symbols for JavaScript

  • Missing iframe Sandbox for JavaScript

  • Unsafe Target Blank for JavaScript

  • Missing Anti-forgery Validation for C#

  • Insecure Binder Configuration for C#

  • Overly Broad Catch for C#

January 29, 2024

• New stable fix released:

  • Missing Check Against Null for Java

• Added support for Azure Repo - Mobb can now automatically retrieve source code from Azure Repo and commit directly back to an Azure Repo once a fix is ready.

January 26, 2024

• New stable fix released:

  • Regex Injection for Java added

January 22, 2024

• Mobb Fixer for GitHub is released (Demo video for CodeQL, Checkmarx, Snyk)

Jan 15, 2024

• New stable fix released:

  • Trust Boundary Violations added

  • Log Forging for Snyk and Fortify added

January 9, 2024

• Mobb is now on the Snyk Integrations page

December, 2023

• Mobb is now on the AWS Marketplace

May, 2022

• Bugsy launched. Bugsy is a command-line interface (CLI) tool that provides automatic security vulnerability remediation for your code. It is the community edition version of Mobb, the first vendor-agnostic automated security vulnerability remediation tool. Click here to learn more.