Google’s DeepMind artificial intelligence research lab this week unveiled an AI agent designed to autonomously find and fix vulnerabilities.
Google has several projects focusing on the use of AI for the discovery of vulnerabilities in software. The tech giant recently reported that its Big Sleep agent discovered a critical SQLite vulnerability and thwarted efforts to exploit it in the wild.
Its latest product is CodeMender, an AI agent that not only finds security holes but also patches them. The company argues that such tools are needed because as AI gets better at discovering flaws, it will be difficult for humans to keep up with patching.
DeepMind says CodeMender, which is built on Gemini Deep Think models, can go beyond patching individual flaws: it can rewrite existing code to eliminate entire classes of security bugs, closing off future exploits of the same kind.
CodeMender includes checks designed to ensure that the changes it makes do not cause regressions or other issues.
The agent can reason about code — understanding and predicting a program's behavior without executing it — and validates its changes through a combination of advanced program analysis and multi-agent systems.
Program analysis here means static and dynamic analysis, fuzzing, differential testing (comparing the behavior of the original and modified code on the same inputs), and SMT solvers, used to identify the root cause of a vulnerability rather than only its symptom, as well as the architectural weaknesses behind it.
As for multi-agent systems, DeepMind explained, “We developed special-purpose agents that enable CodeMender to tackle specific aspects of an underlying problem. For example, CodeMender uses a large language model-based critique tool that highlights the differences between the original and modified code in order to verify that the proposed changes do not introduce regressions, and self-correct as needed.”
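To make the validation step concrete, here is an added example, written for this article and not taken from CodeMender or any DeepMind code, of the differential-testing check described above: a hypothetical record parser with an unbounded strcpy beside its patched form, a small fuzz loop that feeds both versions the same in-bounds inputs and counts any output mismatch (a regression), and a separate check that the patch actually rejects the oversized input the original mishandled. The parser, its buffer size and the PRNG are all assumptions chosen for illustration.

```c
#include <stdio.h>
#include <string.h>

#define FIELD_LEN 16

/* Original version of a hypothetical record parser (constructed for this
 * example, not code from any CodeMender patch). It copies a NUL-terminated
 * field into a fixed buffer with no length check: any input of FIELD_LEN
 * or more bytes overflows `out`. */
static void parse_field_orig(char out[FIELD_LEN], const char *in) {
    strcpy(out, in);
}

/* Patched version: the same result for every input the original handled
 * correctly, but oversized input is refused (buffer left as an empty
 * string, nonzero return) instead of being written past the end. */
static int parse_field_patched(char out[FIELD_LEN], const char *in) {
    size_t n = strlen(in);
    if (n >= FIELD_LEN) {
        out[0] = '\0';
        return -1;
    }
    memcpy(out, in, n + 1);
    return 0;
}

/* Tiny deterministic PRNG so the fuzz corpus is reproducible. */
static unsigned lcg_next(unsigned *state) {
    *state = *state * 1103515245u + 12345u;
    return (*state >> 16) & 0x7fffu;
}

/* Differential test: generate random in-bounds inputs (lengths 0..FIELD_LEN-1),
 * run both versions, and count cases where the patched output differs from
 * the original. Inputs that would overflow the original are never passed to
 * it, since its behaviour there is undefined; those are checked separately.
 * Returns the number of behavioural mismatches (0 means no regression). */
int run_fuzz_differential(unsigned seed, int iterations) {
    int mismatches = 0;
    for (int i = 0; i < iterations; i++) {
        char in[FIELD_LEN];
        unsigned len = lcg_next(&seed) % FIELD_LEN;   /* 0..15, always fits */
        for (unsigned k = 0; k < len; k++)
            in[k] = (char)('a' + lcg_next(&seed) % 26);
        in[len] = '\0';

        char a[FIELD_LEN], b[FIELD_LEN];
        parse_field_orig(a, in);
        int rc = parse_field_patched(b, in);
        if (rc != 0 || strcmp(a, b) != 0)
            mismatches++;
    }
    return mismatches;
}

/* Security property the patch must add: oversized input is rejected and the
 * destination is still a valid (empty) string. Returns 1 if `in` is
 * oversized and handled that way, 0 otherwise. */
int rejects_oversized(const char *in) {
    char b[FIELD_LEN];
    memset(b, 'X', sizeof b);
    int rc = parse_field_patched(b, in);
    return rc != 0 && b[0] == '\0';
}

int main(void) {
    printf("regressions on in-bounds inputs: %d\n",
           run_fuzz_differential(1u, 1000));
    printf("oversized input rejected: %d\n",
           rejects_oversized("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"));
    return 0;
}
```

The two checks are deliberately separate: agreement on inputs the original handled correctly shows the patch preserves behavior, while the oversized case is never fed to the original (whose behavior there is undefined) and is tested only against the patched version. In a real pipeline the corpus would come from the project's own tests and fuzzers rather than a toy generator, and the comparison would cover return codes, side effects and error paths, not just one output buffer.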
Over the past six months, CodeMender has contributed 72 security fixes to open source projects, some of them codebases with millions of lines of code. DeepMind says it is proceeding cautiously, however: every patch is reviewed by human researchers before it is submitted upstream.