Will AI Code Generators Overcome Their Insecurities This Year?
Dark Reading, Monday, January 6th, 2025
In just two years, LLMs have become standard for developers - and non-developers - to generate code, but companies still need to improve security processes to reduce software vulnerabilities.
The use of large language models (LLMs) for code generation surged in 2024, with a vast majority of developers using OpenAI's ChatGPT, GitHub Copilot, Google Gemini, or JetBrains AI Assistant to help them code.
However, the security of the generated code - and developers' trust in that code - continues to lag. In September, a group of academic researchers found that more than 5% of the code generated by commercial models and nearly 22% of the code generated by open-source models contained package names that do not exist. And in November, a study of the code generated by five different popular artificial intelligence (AI) models found that at least 48% of the generated code snippets contained vulnerabilities.