Security Operations, AI/ML, DevOps, Vulnerability Management

OpenAI launches Codex Security to detect and fix code vulnerabilities

GenAI

OpenAI has launched Codex Security, a new tool integrated into its Codex programming assistant designed to help developers identify and resolve code vulnerabilities. This release follows closely on the heels of a similar offering from Anthropic, highlighting a growing trend in AI-powered cybersecurity solutions for software development, with further coverage provided by Silicon Angle.

Codex Security operates by creating a temporary, isolated copy of a developer's code repository for analysis, a process that can take several days. The tool generates a "threat model," a detailed natural language description of the application's functionality and potential weaknesses, particularly focusing on areas like user data upload interfaces that are common targets for cyberattacks. Developers can customize this threat model to prioritize specific components. The security tool then tests identified flaws in a sandbox environment to assess exploitability, filters out false positives, and ranks remaining vulnerabilities by severity. It provides remediation suggestions, including the necessary code fixes and explanations, which developers can implement with a single click.

Codex Security is currently available as a research preview for Enterprise, Business and Edu customers. OpenAI has also launched a program to offer the tool to open-source project maintainers for free. 

Source: Silicon Angle

An In-Depth Guide to AI

Get essential knowledge and practical strategies to use AI to better your security program.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds