OpenAI Unveils Aardvark, New Cybersecurity AI to Fix Vulnerabilities

San Francisco, CA — OpenAI has introduced Aardvark, a cybersecurity agent designed to identify and fix software vulnerabilities. Launched on October 30, 2025, Aardvark is the latest innovation from OpenAI in a year marked by advancements in artificial intelligence.

As software vulnerabilities continue to rise, with tens of thousands discovered each year, Aardvark aims to assist security teams. According to OpenAI’s blog post, Aardvark was originally developed as an internal tool to aid its own developers.

Matt Knight, Vice President at OpenAI, stated, “Our developers found real value in how clearly it explained issues and guided them to fixes. That signal told us we were on the path to something meaningful.” Aardvark utilizes LLM-powered reasoning and takes a systematic approach to cybersecurity.

The process begins with Aardvark examining a code repository to understand its purpose and security implications. It then searches for vulnerabilities by analyzing past changes and new code. While scanning, Aardvark annotates the code, providing explanations on the vulnerabilities it discovers, which developers can review.

Furthermore, Aardvark tests vulnerabilities in a sandboxed environment, attempting to trigger them to produce labeled results for further investigation. Finally, Aardvark aids developers in rectifying vulnerabilities by generating patches that they can review and implement.

Aardvark is currently in private beta, available to select partners invited by OpenAI. The company plans to refine the tool based on user feedback, focusing on improving detection accuracy and validation workflows.