- OpenAI unveils Aardvark, an autonomous AI agent for scalable vulnerability detection and patching
- Aardvark mimics human researchers: reading code, running tests and suggesting targeted security fixes
- In benchmark tests, Aardvark achieved a 92% success rate on known vulnerable repositories
OpenAI wants your next security researcher to be a bot – and has launched Aardvark, its very own agentic security researcher powered by ChatGPT.
Now in private beta, the company describes Aardvark as a “breakthrough” in artificial intelligence and security research — an autonomous agent that helps developers and security teams discover and fix security flaws “at scale.”
“Each year, tens of thousands of new vulnerabilities are discovered across enterprise and open source codebases,” the company said. “Defenders face the daunting task of finding and patching vulnerabilities before their adversaries do.”
Imitation of human behavior
In benchmark tests on so-called “golden” repositories (those that contain well-documented vulnerabilities and are used for testing), Aardvark has apparently had a 92% success rate.
Explaining how it works, OpenAI said the Aardvark is not unlike a human – but without the need to rest, eat, use the toilet or the occasional emotional breakdown.
“Aardvark looks for bugs like a human security researcher can: by reading code, analyzing it, writing and running tests, using tools, and more,” it said. By continuously analyzing source code repositories, it can identify vulnerabilities, assess exploits, prioritize severity and then propose targeted patches.
Although the company emphasizes that the tool is still in beta, it also says that it is already showing commendable results. OpenAI has been running it internally “for several months” across its codebases and those of “external alpha partners” and managed to show “meaningful vulnerabilities” that contributed to OpenAI’s defensive posture.
An AI agent is an autonomous AI program that connects with other apps to perform various tasks automatically. Their popularity has grown recently, with different agents being built for different purposes, such as the AI coding agent Zencoder, the Instagram analytics agent (built on Apify), Compuser (an AI that “uses the computer”) and others.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
