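OpenAI announces "Codex Security" to find and fix vulnerabilities
OpenAI has announced "Codex Security," a new AI agent intended to help developers identify and mitigate complex risks at scale.
Key points
New product announcement
OpenAI has announced "Codex Security," a new AI agent for the security field.
Main purpose
It is intended to help developers identify and mitigate complex security risks at scale.
Target users
It is aimed mainly at developers and supports them in finding and fixing security vulnerabilities.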
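Impact analysis
This announcement shows AI making a full-scale entry into the security field, and it could significantly improve the efficiency of developers' security work. It is an important move that could lead to an expansion of OpenAI's product portfolio and stimulate the market for AI-driven security tools.
Editorial comment
An important announcement marking OpenAI's full-scale entry into the AI security field. The use of AI to solve security problems in development settings may accelerate.
The new AI agent is designed to help developers identify and mitigate complex risks at scale.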
OpenAI launched an AI agent for its Codex coding system to help developers address security risks.
Codex Security, released on March 6, is available in research preview to ChatGPT Enterprise, Business, and Education customers, with the first month free.
Codex Security analyzes a user’s code repository and produces a detailed natural-language description of how the application works, where it is strongest, and where potential security vulnerabilities may exist. These potential flaws are tested in a sandbox to rule out false positives, and the findings are ranked by potential severity and real-world impact. Finally, the agent creates a list of potential fixes for each issue, including the relevant code and a plain-language explanation. Developers can approve and push patches to production directly from the interface.
“Most AI security tools simply flag low-impact findings and false positives, forcing security teams to spend significant time on triage,” OpenAI said in a release. “At the same time, agents are accelerating software development, making security review an increasingly critical bottleneck. Codex Security addresses both challenges.”
“By combining agentic reasoning from our frontier models with automated validation, it delivers high-confidence findings and actionable fixes so teams can focus on the vulnerabilities that matter and ship secure code faster,” the vendor added.
Over the past month, OpenAI said the tool scanned 1.2 million commits (fundamental operations in a software version control system) and identified 792 critical and 10,561 high-severity problems across open source repositories, including 14 vulnerabilities serious enough to be logged in the CVE (common vulnerabilities and exposures) cybersecurity database managed by the Mitre Corporation.
The San Francisco-based AI frontier lab added that it has started onboarding an initial batch of “open-source maintainers” to test Codex, with a view to expanding the program in the coming weeks.
Codex Security first launched last year as a private beta called Aardvark, initially tested with a small group of customers. The new launch comes about two weeks after Anthropic introduced Claude Code Security, a competing tool that similarly scans codebases, identifies vulnerabilities, and suggests fixes.
About the Author
Scarlett Evans, Contributing Writer
Scarlett Evans is a freelance writer with a focus on emerging technologies and the minerals industry. Previously, she served as assistant editor at IoT World Today, where she specialized in robotics and smart city technologies. Scarlett also has a background in the mining and resources sector, with experience at Mine Australia, Mine Technology and Power Technology. She joined Informa in April 2022 before transitioning to freelance work.