OpenAI unveiled Codex Security on Friday, an advanced application security tool that detects complex software vulnerabilities. 

Available in research preview to ChatGPT Enterprise, Business, and Edu users, it is free for the first month.

Using OpenAI's frontier models, Codex Security builds detailed threat models for projects, prioritizing real-world risks and reducing false positives, allowing security teams to focus on critical issues. 

Originally released as a private beta named Aardvark, it identified severe flaws like cross-tenant authentication vulnerabilities and improved accuracy during testing, cutting noise by 84% and false positives by over 50%.

In the past month, Codex Security scanned 1.2 million commits, finding 792 critical and 10,561 high-severity issues. 

OpenAI is also supporting open-source security by scanning major repositories, sharing high-confidence findings with maintainers, and reporting vulnerabilities in projects like OpenSSH, GnuTLS, and PHP. 

The company plans to expand its support to more open-source maintainers, offering tools and resources to enhance security measures across the ecosystem.

Photo: Shutterstock