
"It builds deep context about your project to identify complex vulnerabilities that other agentic tools miss, surfacing higher-confidence findings with fixes that meaningfully improve the security of your system while sparing you from the noise of insignificant bugs."
"Over the last 30 days, Codex Security has scanned more than 1.2 million commits across external repositories over the course of the beta, identifying 792 critical findings and 10,561 high-severity findings. These include vulnerabilities in various open-source projects like OpenSSH, GnuTLS, GOGS, Thorium, libssh, PHP, and Chromium, among others."
"The latest iteration of the application security agent leverages the reasoning capabilities of its frontier models and combines them with automated validation to minimize the risk of false positives and deliver actionable fixes. OpenAI's scans on the same repositories over time have demonstrated increasing precision and declining false positive rates, with the latter falling by more than 50%."
OpenAI introduced Codex Security, an evolution of its Aardvark security tool, designed to detect and remediate software vulnerabilities at scale. The AI-powered security agent builds deep project context to identify complex vulnerabilities while minimizing false positives. During beta testing, Codex Security scanned over 1.2 million commits across external repositories, identifying 792 critical and 10,561 high-severity findings in projects including OpenSSH, GnuTLS, GOGS, Thorium, libssh, PHP, and Chromium. The tool leverages advanced reasoning capabilities combined with automated validation to deliver actionable fixes. False positive rates have declined by over 50% across repositories, demonstrating improved precision. The feature is available to ChatGPT Pro, Enterprise, Business, and Edu customers through the Codex web interface.
Read at The Hacker News