IEEE

Can a Llama Be a Watchdog? Exploring Llama 3 and Code Llama for Static Application Security Testing

Abstract: Research in software vulnerability detection has seen significant growth, with numerous systems and techniques being developed. Deep learning approaches have become partic-ularly popular, ...
IEEE

Model Cascading for Code: A Cascaded Black-Box Multi-Model Framework for Cost-Efficient Code Completion with Self-Testing

The rapid advancement of large language models (LLMs) has significantly improved code completion tasks, yet the trade-off between accuracy and computational cost remains a critical challenge. While ...
theregister

Using AI to code does not mean your code is more secure

As more people use AI tools to write code, the tools themselves are introducing more vulnerabilities. Researchers affiliated with Georgia Tech SSLab have been tracking CVEs attributable to flaws in AI ...
Bleeping Computer

GitHub adds AI-powered bug detection to expand security coverage

GitHub is adopting AI-based scanning for its Code Security tool to expand vulnerability detections beyond the CodeQL static analysis and cover more languages and frameworks. The developer ...