Most tech firms, big and small, are investing in AI in one way or the other. We recently learned that OpenAI and AMD have partnered to supply 6 gigawatts of GPU power to the former while also allowing it to purchase 10% of AMD"s stock, depending upon certain conditions. Now, Google has announced the latest updates in its own AI efforts, and they are quite interesting.
For starters, Google has announced an AI agent called CodeMender. As the name suggests, this agent is responsible for fixing security vulnerabilities in your code autonomously. This tool has been built using Google"s learnings from BigSleep and OSS-Fuzz, and the company hopes that it will empower humans to quickly deliver patches for existing code that is insecure. CodeMender relies on Gemini for root cause analysis (RCA), after which it produces security patches which are then peer-reviewed by "critique agents", before they are sent to a human reviewer for validation and sign-off.
In addition, the firm has revealed a dedicated vulnerability reward program (VRP) specifically for its AI products. You can find out more details about it here, but it essentially offers bounties of up to $20,000 for severe bugs.
Finally, Google has updated its Secure AI Framework (SAIF) to version 2.0, which now includes three new components. The first is an agent risk map to chalk out agentic threats, the second is a collection of security updates that are being rolled out across Google"s AI agents, and the third is donation of the risk map data to the Coalition for Secure AI Risk Map to benefit more people.
Google claims that its goal is to use AI to make the world a safer place by offering protection against malicious actors and state-sponsored attackers. It has emphasized that its three initiatives announced today are a part of this long-term vision to facilitate cybersecurity defenders.