OpenAI has introduced a new security-focused AI tool called Codex Security. The company has basically rebranded and upgraded its earlier security agent called Aardvark. The new system is now available in research preview for ChatGPT Pro, Team, Enterprise, and Edu users.
Codex Security is designed to help developers automatically detect and fix vulnerabilities inside software projects. Instead of simply flagging potential issues like traditional scanners, the AI agent analyzes the entire codebase, identifies security risks, and suggests specific fixes.
The tool is currently available through the Codex interface, and OpenAI is offering free usage for early testers until next month.
OpenAI first introduced this system last year under the name Aardvark. It was tested in private beta with a small group of developers and security teams. Developers could give the AI agent access to their codebase, and it would continuously analyze the project to find vulnerabilities. It could also recommend changes that could fix those security problems.
After months of testing and improvements, OpenAI has now evolved the project into Codex Security. The new version focuses on improving accuracy, reducing false alerts, and helping teams focus on real security issues.
This is important because many existing security tools generate a large number of warnings. Developers often spend a lot of time checking issues that are not actually serious.
OpenAI says Codex Security is trying to solve two growing problems in modern software development.
First, AI tools are now generating huge amounts of code. Developers using AI assistants can create thousands of lines of code very quickly. While this speeds up development, it also increases the chances of introducing security flaws.
Second, traditional security scanners often produce too many warnings. Many of these alerts are either false positives or low-impact issues. Security teams then spend hours reviewing them manually.
Codex Security attempts to solve this using what OpenAI calls agentic reasoning combined with automated validation. OpenAI says the tool has improved significantly during testing. According to the company, repeated scans of the same code repository reduced unnecessary alerts by about 84 percent compared to the early version of the system. The company also claims the rate of over reported severity dropped by more than 90 percent, while overall false positives across repositories fell by more than 50 percent.
These improvements are important because one of the biggest frustrations for security teams is the amount of noise generated by automated scanners. Tools like Codex Security represent a new category of AI powered security assistants. Instead of just analyzing code and reporting problems, these systems act more like autonomous security researchers.
They can review large codebases, understand how different parts interact, and propose targeted fixes. For large companies managing millions of lines of code, this kind of automation could become extremely valuable. Security reviews are one of the slowest parts of the development process, especially when teams are releasing updates frequently.
From an industry perspective, Codex Security shows how AI is slowly moving deeper into the DevSecOps pipeline. Earlier AI tools mainly focused on writing code. Now the next phase is reviewing, debugging, and securing that code automatically.
However, there is also an interesting paradox here. AI coding tools are helping developers write more code faster, but they are also increasing the risk of hidden vulnerabilities. In some ways, AI is creating a new security problem and then offering another AI tool to solve it.
That is why systems like Codex Security will need to prove that they are reliable enough for real-world enterprise use. If the tool performs well, OpenAI could eventually integrate it more deeply into development workflows. It could appear inside IDEs, CI/CD pipelines, or even Git repositories to automatically review code before it gets merged.
There is also a strong chance that other AI companies will build similar tools.
