- OpenAI Introduces Aardvark, an Autonomous AI Agent for Scalable Vulnerability Detection and Patching
- Aardvark imitates human researchers: reads code, runs tests, and proposes specific security fixes
- In benchmark testing, Aardvark achieved a 92% success rate on known vulnerable repositories.
OpenAI wants its next security researcher to be a bot and has launched Aardvark, its own agent security researcher, powered by ChatGPT.
Now in private beta, the company describes Aardvark as a “breakthrough” in security and artificial intelligence research: an autonomous agent that helps developers and security teams discover and fix security flaws “at scale.”
“Every year, tens of thousands of new vulnerabilities are discovered in open source and enterprise codebases,” the company said. “Defenders face the difficult task of finding and patching vulnerabilities before their adversaries do.”
Imitating human behavior
In benchmark testing of so-called “gold” repositories (those that contain well-documented vulnerabilities and are used for testing), Aardvark has apparently had a 92% success rate.
Detailing how it works, OpenAI said Aardvark is no different than a human, but without the need to rest, eat, go to the bathroom or have the occasional emotional breakdown.
“Aardvark looks for bugs like a human security researcher would: reading code, analyzing it, writing and running tests, using tools, and more,” it said. By continuously analyzing source code repositories, you can identify vulnerabilities, assess exploitability, prioritize severity, and then propose targeted patches.
While the company emphasizes that the tool is still in beta, it also says that it is already showing commendable results. OpenAI has been running it internally “for several months” in its codebases and those of “external alpha partners,” and managed to expose “significant vulnerabilities” that contributed to OpenAI’s defensive posture.
An AI agent is a self-contained AI program that connects to other applications to perform various tasks automatically. Its popularity has been growing lately, with different agents created for different purposes, such as the Zencoder AI coding agent, the Instagram analytics agent (built on Apify), Compuuser (an AI that “uses the computer”) and others.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
