For years, application security teams have struggled with a common problem: findings stack up quickly but fixing them takes time. Developers often face a flood of repetitive, low-value tasks, while AppSec leaders worry about vulnerabilities sitting exposed for days or weeks.
That changes now. OpenText™ Application Security Aviator Auto-Remediation accelerates secure delivery by automatically applying validated fixes. Instead of developers combing through tickets and patching the same flaws over and over, Aviator transforms remediation timelines from days to minutes.
3 ways OpenText Application Security Aviator Auto-Remediation helps
1 – Accelerates secure delivery
Once Aviator identifies a vulnerability, it can automatically generate and apply a fix.
Example: SQL Injection
Before Aviator:
// Vulnerable code
String query = "SELECT * FROM users WHERE id = " + userInput;
Statement stmt = connection.createStatement();
ResultSet rs = stmt.executeQuery(query);
This query is vulnerable to SQL injection because it directly concatenates user input.
After Aviator:
// Aviator auto-remediated code
String query = "SELECT * FROM users WHERE id = ?";
PreparedStatement pstmt = connection.prepareStatement(query);
pstmt.setString(1, userInput);
ResultSet rs = pstmt.executeQuery();
Here, Aviator automatically applies parameterization, removing the injection risk while preserving business logic.
Instead of waiting for developer cycles or sprint planning, vulnerabilities like this are fixed immediately, accelerating secure delivery.
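A check a reviewer could run before accepting a fix like the one above, as an added example (not Aviator output or OpenText code): it ports the before/after pattern to Python's sqlite3 and confirms that both forms agree on benign input while only the parameterized form treats crafted input as a plain value. The table contents, function names and sample inputs are constructed for illustration.

```python
import sqlite3


def make_db():
    """Constructed in-memory table standing in for the page's `users` table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, name TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [(1, "alice"), (2, "bob"), (3, "carol")],
    )
    return conn


def lookup_concatenated(conn, user_input):
    # 'Before' pattern: the input becomes part of the SQL text itself.
    query = "SELECT * FROM users WHERE id = " + user_input
    return conn.execute(query).fetchall()


def lookup_parameterized(conn, user_input):
    # 'After' pattern: the SQL text is fixed; the input is bound as a value.
    query = "SELECT * FROM users WHERE id = ?"
    return conn.execute(query, (user_input,)).fetchall()


def check_fix(conn, benign="2", crafted="2 OR 1=1"):
    """Regression check for the remediation.

    - benign input must return the same rows before and after the fix
      (business logic preserved);
    - crafted input must no longer change the shape of the query.
    """
    return {
        "same_result_for_benign":
            lookup_concatenated(conn, benign) == lookup_parameterized(conn, benign),
        "before_rows_for_crafted": len(lookup_concatenated(conn, crafted)),
        "after_rows_for_crafted": len(lookup_parameterized(conn, crafted)),
    }


if __name__ == "__main__":
    print(check_fix(make_db()))
```

Because the fix binds the id as a string, it is also worth confirming on the target database that a string-typed parameter compares correctly against the column's actual type.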
2 – Reduces developer burden
Developers shouldn’t spend their best hours re-fixing the same issues across dozens of codebases. Aviator takes on that repetitive work.
Example: Hardcoded Secrets
Before Aviator:
# Vulnerable code
API_KEY = "12345-ABCDE"
After Aviator:
# Aviator auto-remediated code
import os
API_KEY = os.getenv("API_KEY")
Rather than forcing developers to manually refactor every instance, Aviator replaces hardcoded secrets with values read from environment variables, keeping the key out of the source code.
3 – Strengthens security posture
Every hour a vulnerability remains open is an exposure risk. Aviator shrinks that exposure window by resolving issues faster and more consistently.
Example: Insecure Configuration
Before Aviator:
// Vulnerable CORS settings
app.use(cors({ origin: "*" }));
After Aviator:
// Aviator auto-remediated code
app.use(cors({ origin: ["https://trustedapp.com"] }));
By tightening overly permissive defaults, Aviator closes misconfigurations before attackers can exploit them.
The bigger picture: AI-Driven AppSec at scale
Auto-remediation is the natural evolution of OpenText’s investment in AI-powered AppSec. SAST Aviator already uses LLMs to audit findings with human-level accuracy and provide copy-pasteable remediation advice. Now, Aviator Auto-Remediation closes the loop, not only identifying and explaining vulnerabilities, but fixing them at scale.
For AppSec leaders, this means reduced risk and measurable improvements in time-to-remediation metrics. For developers, it means less toil, more innovation, and a stronger partnership with security.
Closing thoughts
From SQL injection to secrets management to secure configuration, Aviator Auto-Remediation is redefining how organizations approach secure delivery. It doesn’t just help find vulnerabilities, it fixes them, transforming security from a bottleneck into a business enabler.