OpenAI launches Codex Security, an AI agent designed to detect vulnerabilities in software projects
OpenAI launches "Codex Security," an AI-powered security agent built to find vulnerabilities in software projects. The tool, formerly known as "Aardvark," is now available as a research preview for ChatGPT Enterprise, Business, and Edu customers, free for the first month. Codex Security analyzes code repositories, builds a project-specific threat model, and tests any vulnerabilities it finds in isolated test environments, OpenAI says.
During the beta phase, OpenAI says the system cut false positives by more than 50 percent and reduced redundant alerts by 84 percent in one case. Over the past 30 days, Codex Security scanned more than 1.2 million commits and flagged 792 critical vulnerabilities.
OpenAI has also reported vulnerabilities in open-source projects, including OpenSSH, GnuTLS, GOGS, Thorium, and Chromium, with 14 CVEs issued so far. A program for open-source maintainers is set to expand. More details on getting started are available in the documentation.
Anthropic also recently shipped its own cybersecurity tool, sending cybersecurity stocks into the red.