Google has announced that its AI-powered bug detection tool, Big Sleep, has successfully identified 20 security vulnerabilities in widely used open source software. This marks the first set of findings reported by the large language model-based vulnerability researcher.
Heather Adkins, Google’s vice president of security, shared the news on Monday, stating that Big Sleep discovered flaws in various popular tools, including the audio and video processing library FFmpeg and the image-editing software ImageMagick. The tool was developed through a collaboration between DeepMind and Google’s cybersecurity team, Project Zero.
Although Google has not yet revealed the specific details or severity of the vulnerabilities due to standard disclosure procedures, the discoveries themselves highlight the growing impact of AI in cybersecurity. The vulnerabilities are still awaiting fixes before full disclosure can take place.
Kimberly Samra, a spokesperson for Google, explained that while human experts review the findings before they are officially reported, the AI independently identified and reproduced all the issues. She said, “To ensure high quality and actionable reports, we have a human expert in the loop before reporting, but each vulnerability was found and reproduced by the AI agent without human intervention.”
Royal Hansen, vice president of engineering at Google, commented on the breakthrough by saying the results represent “a new frontier in automated vulnerability discovery.”
Big Sleep is not alone in this space. Other AI-powered tools, such as RunSybil and XBOW, are also being developed to detect software vulnerabilities using large language models.
Google’s progress with Big Sleep reflects a growing shift in cybersecurity, where artificial intelligence is playing an increasingly active role in identifying threats and helping developers secure their software before issues are exploited.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream formerly known as CIO News LinkedIn Account | The Mainstream formerly known as CIO News Facebook | The Mainstream formerly known as CIO News Youtube | The Mainstream formerly known as CIO News Twitter |The Mainstream formerly known as CIO News Whatsapp Channel | The Mainstream formerly known as CIO News Instagram
About us:
The Mainstream formerly known as CIO News is a premier platform dedicated to delivering latest news, updates, and insights from the tech industry. With its strong foundation of intellectual property and thought leadership, the platform is well-positioned to stay ahead of the curve and lead conversations about how technology shapes our world. From its early days as CIO News to its rebranding as The Mainstream on November 28, 2024, it has been expanding its global reach, targeting key markets in the Middle East & Africa, ASEAN, the USA, and the UK. The Mainstream is a vision to put technology at the center of every conversation, inspiring professionals and organizations to embrace the future of tech.
