OpenAI Releases Security-Focused Codex
OpenAI has released Codex Security, a new research preview of its AI model aimed at identifying and fixing security weaknesses in applications. The move is part of a wider push to incorporate more open-source principles and security tools into its coding assistant.
Formerly known as Aardvark, Codex Security operates by creating a temporary, isolated copy of a code repository to analyze its structure and generate a unique threat model. This model allows the AI to understand the application's most vulnerable areas, find flaws, and then test them in a sandbox to confirm they are exploitable before alerting developers. During its beta testing phase, OpenAI claims the tool reduced overall alert noise by 84% and cut the rate of false positives by more than half. The system was used by early adopters to detect more than 11,000 vulnerabilities classified as critical or high-severity. The tool has already been used to scan widely used open-source software, uncovering 14 vulnerabilities that were severe enough to be registered in the CVE database.