Skip to main content

Use Contrast AI guidance Hosted customers only

Contrast AI provides additional information about how to fix vulnerabilities that the Contrast IAST (Assess) technology discovers. The guidance it generates is specific to the frameworks and libraries that your application uses.

Contrast AI collects information about your frameworks and libraries from existing data stored in Contrast. It uses this information along with Anthropic to generate customized guidance for fixing a selected vulnerability.

Legal Disclaimer

When you use [Contrast AI] Intelligent Remediation Guidance, you submit data to the Anthropic services made available through the technical environment referred to as Amazon Bedrock that is hosted and managed by Amazon Web Services, Inc. ("Services").   Both the submission of data to the Services and the output generated by the Services will be subject to the terms of service of Anthropic. Use of Contrast AI is entirely at your own risk.

Before you begin

  • Ensure that the Contrast AI setting is turned on at the organization level.

  • This feature is available for hosted customers in the USA only.

  • This feature is currently supported for vulnerabilities that Contrast IAST (Assess) technology finds.

  • Contrast caches responses from the large language model (LLM) for 24 hours.

Steps

To find Contrast AI details for vulnerabilities that the Contrast IAST technology finds:

  1. In the header, select Vulnerabilities.

  2. Select a vulnerability in the list.

  3. Select the How-to-Fix tab.

  4. Select Use Contrast AI.

    Contrast AI generates supplementary information based on your application's technology.