Google has unveiled CodeMender, a new AI-powered security agent designed to find and fix software vulnerabilities automatically – marking a major step in its effort to make code “secure by design”.
Google has announced CodeMender, a new AI-powered security agent designed to find and fix software vulnerabilities automatically.
Unveiled as part of Google’s new AI Security Frontier strategy, CodeMender uses machine learning to scan source code, detect weaknesses, and apply context-aware fixes in real time.
The company says the tool can patch issues before attackers exploit them, significantly reducing the window of exposure for developers and organisations.
According to Google, CodeMender has already been deployed internally across thousands of its own repositories, where it has reportedly prevented millions of potential security bugs from reaching production.
The AI can identify vulnerabilities ranging from outdated dependencies and memory leaks to privilege escalation flaws, then suggest or implement remediation steps autonomously.
Google said in a statement: “AI is transforming the way we defend digital infrastructure. CodeMender represents a new era in software security -one where developers can defend at the speed of AI.”
The launch sits within a broader initiative that also includes Project Naptime, which uses AI to monitor networks for threats, and Secure AI Framework (SAIF), Google’s evolving set of standards for building trustworthy AI systems.
Together, these efforts reflect Google’s vision for combining generative AI with traditional cybersecurity practices.
Security experts say CodeMender could be a game-changer for large-scale enterprises dealing with sprawling codebases.
However, some have cautioned that overreliance on automated fixes could introduce new risks if models misidentify critical code paths.
Still, with cyberattacks and software supply-chain vulnerabilities on the rise, CodeMender underscores Google’s ambition to lead in AI-driven security.
Google unveils its AI agent CodeMender to protect code
