OpenAnt: LLM-Powered Vulnerability Discovery Through Code Decomposition, Adversarial Verification, and Dynamic Testing
Researchers have developed OpenAnt, an open-source system designed to discover vulnerabilities in large codebases using a multi-stage pipeline that combines static analysis with LLM-based reasoning. The system decomposes code into manageable units, uses adversarial verification to simulate exploitability, and dynamically tests findings in sandboxed environments. Evaluations on projects like OpenSSL and WordPress demonstrated OpenAnt's ability to identify unknown vulnerabilities with reduced false positives and manageable costs.
AI IMPACT: This system demonstrates a practical application of LLMs for enhancing software security and reducing the burden of manual code review.