OpenAI Launches Codex Security to Spot Complex Vulnerabilities

OpenAI has rolled out Codex Security, a new capability designed to help organizations find subtle and complex vulnerabilities in their code and systems. The feature is being made available to ChatGPT Pro, Enterprise, Business and Edu customers, with a free trial window for the first month.

Unlike many automated scanners that focus on obvious misconfigurations or well-known flaw patterns, Codex Security is pitched as better at surfacing nuanced issues — for example, multi-step attack chains, logic errors across services, or security gaps that depend on particular runtime contexts. OpenAI says the tool leverages its code-understanding models to reason about system behavior and identify risky interactions that simpler tools might overlook.

During the initial rollout, eligible ChatGPT customers should see Codex Security offered as part of their workspace or product tier. OpenAI's one-month free period is intended to let teams evaluate the model’s findings and integrate them into existing security workflows. Early users can experiment with generating targeted scans, triaging results, and producing remediation suggestions in natural language.

Security teams will likely still want to pair Codex Security with traditional static and dynamic analysis tools. Automated reasoning can reduce the noise of false positives and highlight complex, high‑impact cases — but human review remains important for validating exploitability and prioritizing fixes.

For organisations weighing adoption, the key questions will be integration with current CI/CD pipelines, how precise the model's findings are in practice, and how well it preserves sensitive data during analysis. OpenAI’s trial period could give security teams a low-cost way to assess these factors before committing to broader deployment.