OpenAI rolls out Codex Security, an AI agent that evolved from its research project Aardvark to automate vulnerability discovery, validation, and remediation
OpenAI is rolling out Codex Security, an AI-powered application security agent that finds, validates and proposes fixes for vulnerabilities.
We (@get_mocha) got access to this and ran it on our codebase yesterday. It took ~24 hours and scanned almost 5000 commits, and found 275 issues. I've merged 15 Codex-suggested PRs so far (most of which required zero iteration) and am working my way through the rest the rest of
do not underestimate how much coding generalizes towards agi this tool is so good it actually helped me save my marriage by finding and patching vulnerabilities
Codex Security began as Aardvark, launched last year in private beta. Since then, we've significantly improved signal quality, reducing noise, improving severity accuracy, and lowering false positives, so findings better align with real-world risk.
We're introducing Codex Security. An application security agent that helps you secure your codebase by finding vulnerabilities, validating them, and proposing fixes you can review and patch. Now, teams can focus on the vulnerabilities that matter and ship code faster.