Software is the backbone of the modern world, yet securing it remains a daunting challenge. With tens of thousands of new security vulnerabilities discovered each year, developers and security teams are in a relentless race against adversaries. But what if you had an autonomous, tireless partner to tip the scales in your favor?

Today, OpenAI is transforming the field of software security with the introduction of Aardvark: an agentic security researcher powered by the advanced capabilities of GPT-5. Now in private beta, Aardvark is a breakthrough AI agent designed to think like a human security expert but operate at the scale required by modern codebases.

What is Aardvark and Why Was it Built?

Aardvark is not a traditional program analysis tool; it’s a sophisticated AI security researcher that uses Large Language Model (LLM) reasoning and tool-use to understand code behavior and identify flaws.

The core mission is simple: to help developers and security teams discover and fix security vulnerabilities at an unprecedented scale. By moving beyond static analysis and fuzzing, Aardvark mimics a human expert—reading code, analyzing it, writing and running tests, and utilizing tools to uncover issues like logic flaws, incomplete fixes, and privacy concerns.

How Aardvark Works: The Agentic Vulnerability Discovery Workflow

Aardvark operates through a continuous, multi-stage pipeline, integrating seamlessly with existing development tools like GitHub and OpenAI Codex.

Aardvark’s success lies in its sophisticated four-part workflow for Vulnerability Discovery:

1. Analysis: It begins by analyzing the entire code repository to produce a threat model, gaining a deep understanding of the project’s security objectives and design.
2. Commit Scanning: Aardvark continuously monitors commits and code changes. It scans for new vulnerabilities by inspecting these changes against the entire codebase and its established threat model.
3. Validation: Once a potential vulnerability is found, the AI agent attempts to exploit it in an isolated, sandboxed environment. This step confirms exploitability, ensuring high-quality, actionable, and low false-positive insights for human review.
4. Patching: Aardvark doesn’t just find problems; it proposes solutions. It leverages the power of OpenAI Codex to generate a targeted patch, which is then scanned by Aardvark itself before being attached to the finding for efficient, one-click fixing by the developer.

This process delivers clear, actionable insights right into the developer’s workflow, ensuring continuous protection as the code evolves.

Real-World Impact and a Commitment to Open Source

Aardvark has already been actively deployed internally at OpenAI and with external alpha partners, contributing significantly to their defensive posture. In benchmark testing on “golden” repositories, Aardvark demonstrated high recall and real-world effectiveness by identifying 92% of known and synthetically-introduced vulnerabilities.

Securing the Digital Ecosystem

OpenAI is also committed to securing the broader software supply chain. Aardvark has been applied to various open-source projects, leading to the responsible disclosure of numerous vulnerabilities, ten of which have already received Common Vulnerabilities and Exposures (CVE) identifiers.

In the spirit of giving back, OpenAI plans to offer pro-bono scanning to select non-commercial open-source repositories, contributing powerful security expertise to projects that form the foundation of our digital world.

Why Aardvark Matters for the Future of Software Security

The statistics are clear: over 40,000 CVEs were reported in 2024 alone, and about 1.2% of code commits introduce bugs. This small percentage can have outsized, systemic consequences for businesses and critical infrastructure.

Aardvark represents a new, defender-first model. It is an agentic partner that delivers continuous protection, catching vulnerabilities early, validating exploitability, and providing clear fixes. By automating the tedious and complex work of the security researcher, Aardvark strengthens security without sacrificing the speed of innovation.

The private beta is now open to select partners. If your organization or open-source project is interested in getting early access to this powerful AI Security Researcher, you can apply via the OpenAI website to help refine Aardvark’s detection accuracy and validation workflows. This is a crucial step toward expanding access to world-class security expertise for all.