OpenAI has rolled out Codex Security, a new AI-powered software vulnerability scanner that the company says can identify complex issues that other agentic tools may miss. Formerly known as Aardvark, the tool is currently in research preview but has been tested in private beta since last year, including by Netgear. Codex Security is now available to ChatGPT Pro, Enterprise, Business, and Edu customers with free usage for the next month.
According to OpenAI, Codex Security analyses repositories for system context, builds a threat model focused on the system’s role, trusted components, and exposures, and then looks for vulnerabilities, rating them by potential real-world impact while proposing patches.
It has been tested against 1.2 million commits over the past 30 days, identifying nearly 800 critical vulnerabilities and more than 10,000 high-severity issues, with vulnerabilities found in widely used open source projects such as Chromium, OpenSSL, PHP, GOGS, and GnuTLS. These findings arrive as Claude unveiled its own AI vulnerability scanner, prompting discussion about the future of AI-assisted security tools.