OpenAI's new AI-powered AppSec tool, Codex Security, found over 11,000 high-severity and critical vulnerabilities across more than 1.2 million scanned commits during its first 30 days of research testing. The tool identified 792 critical issues and 10,561 high-severity flaws, including bugs in open-source projects like OpenSSH, PHP, and Chromium, resulting in 14 CVEs. Unlike traditional static scanners, Codex Security builds contextual understanding of entire codebases, maps attack paths, validates exploitability in a sandbox, and proposes patches. It evolved from an internal project called Aardvark and is now available in research preview to ChatGPT Pro, Enterprise, Business, and Edu customers.

From csoonline.com