OpenAI has launched Codex Security, an AI-driven agent designed to review codebases for vulnerabilities, enhancing software security. This tool, available in research preview for ChatGPT Pro, Enterprise, Business, and Edu customers, follows the recent rollout of Anthropic’s Claude Code Security. Initially known as Aardvark, Codex Security has transitioned from private beta testing, where it swiftly addressed significant vulnerabilities, to broader external testing, yielding valuable insights on onboarding and context-sharing. In the past month, Codex Security scanned over 1.2 million commits, identifying 792 critical and over 10,500 high-severity findings with less than 0.1% flagged as critical. The tool employs a threat model for enhanced vulnerability detection while minimizing false positives through sandbox validation. Codex Security also recommends tailored patches, facilitating smoother integration and lower regression risks. Users can prioritize findings for optimal security impact, ensuring efficient remediation processes.