Improving code security analysis using LLM

[seriousme]

Select Topic Area

Product Feedback

Body

The advent of large language models like GPT has shown that they can be used for security analysis as well, e.g:

• https://socket.dev/blog/introducing-socket-ai-chatgpt-powered-threat-analysis
• https://docs.aws.amazon.com/codewhisperer/latest/userguide/security-scans.html

it would be nice if GitHub code scanning and the NPM repository would incorporate such techniques as well by default, so that the white hats have a better chance against the black hats.

Kind regards,
Hans