Google DeepMind has introduced CodeMender, an artificial intelligence (AI) agent designed to automatically detect and fix security vulnerabilities in software code. The system can identify bugs, suggest patches, and verify fixes without requiring manual intervention, allowing developers to rely entirely on the AI for resolving security issues. CodeMender works both reactively, repairing existing flaws, and proactively, rewriting code to prevent potential vulnerabilities before they arise.
Fixing software vulnerabilities is traditionally time-consuming and challenging. Conventional AI tools struggle in this area because understanding the logic and context of thousands of lines of code is complex, and deployment-based tests are often ineffective for non-crashing bugs. DeepMind says CodeMender overcomes these challenges by analysing the structure and logic of software to detect weak points that could lead to exploits.
Once a patch is generated, CodeMender tests it to ensure the vulnerability is resolved and that no new issues are introduced. If a fix fails verification, the AI iterates and self-corrects until it meets both security and functionality standards. Its proactive capabilities allow it to rewrite code following safer programming practices, helping prevent entire classes of vulnerabilities before they can cause harm.
In a six-month trial, CodeMender successfully generated 72 verified security patches across major open-source software projects, addressing issues such as memory mismanagement, buffer overflows, and unsafe data handling. Some of the projects analysed were as large as 4.5 million lines of code, demonstrating the AI’s ability to scale to complex systems.
Currently, CodeMender is a research project and is not publicly available. Every patch generated is reviewed by human researchers before being submitted upstream. DeepMind plans to publish the techniques used and results from its trials in upcoming technical papers and reports.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream formerly known as CIO News LinkedIn Account | The Mainstream formerly known as CIO News Facebook | The Mainstream formerly known as CIO News Youtube | The Mainstream formerly known as CIO News Twitter |The Mainstream formerly known as CIO News Whatsapp Channel | The Mainstream formerly known as CIO News Instagram
About us:
The Mainstream formerly known as CIO News is a premier platform dedicated to delivering latest news, updates, and insights from the tech industry. With its strong foundation of intellectual property and thought leadership, the platform is well-positioned to stay ahead of the curve and lead conversations about how technology shapes our world. From its early days as CIO News to its rebranding as The Mainstream on November 28, 2024, it has been expanding its global reach, targeting key markets in the Middle East & Africa, ASEAN, the USA, and the UK. The Mainstream is a vision to put technology at the center of every conversation, inspiring professionals and organizations to embrace the future of tech.
