
Codex Security enters research preview

OpenAI has launched Codex Security, a new application security agent, currently available in research preview to ChatGPT Enterprise, Business, and Education customers. Formerly known as Aardvark, the tool was developed from internal prototypes and early private beta deployments where it identified critical vulnerabilities such as server-side request forgery and cross-tenant authentication flaws.

The primary objective of Codex Security is to address the growing challenge of security reviews becoming a bottleneck in software development by reducing the noise of false positives and insignificant bugs that plague traditional security tools. Unlike many existing AI security solutions that flag low-impact findings, forcing teams to spend excessive time on triage, Codex Security leverages OpenAI's frontier models to build deep context about specific projects. This approach enables the agent to identify complex vulnerabilities that other tools miss, providing high-confidence findings paired with actionable fixes.

During its beta phase, the system demonstrated significant improvements in precision. Scans on the same repositories showed an 84% reduction in noise, a 90% drop in over-reported severity, and a 50% decrease in false positive rates. In the last month of beta testing, Codex Security scanned over 1.2 million commits across external repositories, identifying 792 critical and 10,561 high-severity issues, with critical problems appearing in less than 0.1% of all scanned code.

The agent is designed to learn from user feedback over time. When users adjust the criticality of a reported issue, Codex Security uses this data to refine its threat model, better aligning future reports with the organization's actual architecture and risk posture. It operates at scale to surface the highest-confidence findings, allowing developers to accept patches easily and ship secure code faster.

Recognizing that open-source software forms the foundation of modern systems, OpenAI has applied Codex Security to scan critical open-source repositories it relies on. The company received feedback from maintainers that the industry suffers not from a lack of reports, but from an excess of low-quality alerts. In response, Codex Security prioritizes high-impact, sustainable findings rather than speculative issues. OpenAI has also begun onboarding an initial group of open-source maintainers into Codex for OSS, a program offering free access to advanced tools, code review support, and security scanning. Projects such as vLLM have already utilized the tool to find and patch issues within their normal workflows.

Access to Codex Security will roll out to ChatGPT Enterprise, Business, and Education users over the coming days via the Codex web interface. The first month of usage is provided free of charge. OpenAI encourages open-source maintainers interested in the program to reach out for onboarding. By combining agentic reasoning with automated validation, Codex Security aims to transform security workflows, helping teams focus on the vulnerabilities that truly matter while minimizing the burden of unnecessary triage.

Codex Security enters research preview | Trending Stories | HyperAI