Necessary Always Active
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
|
||||||
|
||||||
|
||||||
|
Published on
October 7, 2025
5 min read
Google DeepMind Unveils AI CodeMender to Fix Security Vulnerabilities
In Focus
- Google DeepMind has introduced AI agent, CodeMender
- DeepMind says CodeMender can detect and fix security vulnerabilities in software
- New AI system leverages the thinking capabilities of Gemini DeepThink
Google DeepMind has introduced CodeMender. Unveiled On October 6, 2025, the AI agent is designed to detect and fix software code vulnerabilities automatically. According to Gadget360, Google’s DeepMind CodeMender is capable of identifying bugs and eliminating manual fixes by verifying patches.
CodeMender’s Understanding of Code Logic and Structure
Fixing software vulnerabilities is a difficult and time-consuming process. There is minimal application of AI in this area because it requires in-depth understanding of context and logic of numerous lines of code and ability to detect a wide range of flaws.
Google DeepMind says CodeMender can understand the logic and structure of highly complex software. The AI system leverages the thinking capabilities of Gemini DeepThink to create an autonomous AI agent that can debug and fix complex software vulnerabilities.
“CodeMender helps solve this problem by taking a comprehensive approach to code security that’s both reactive, instantly patching new vulnerabilities, and proactive, rewriting, and securing existing code, and eliminating entire classes of vulnerabilities in the process,” Google DeepMind said in a blog post.
Google’s DeepMind AI agent analyses the source code and identifies the weak points that could potentially be exploited. The AI system then generates secure fixes for the vulnerabilities.
Building Defenses Against Potential Vulnerabilities
CodeMender applies a proactive approach to create defenses against potential risks. The AI system is designed to test patches to ensure that vulnerabilities have been solved and ascertain that new issues have not emerged.
Google DeepMind says “CodeMender uses a debugger, source code browser, and other tools to pinpoint root causes and devise patches” to “effectively patch a vulnerability and prevent it from re-emerging”.
The system also self-corrects where patches fail verification. The iteration process continues until the changes on software code meet the functionality and security standards. Google has been integrating Gemini AI in most of its products. Last month, the search giant added Gemini AI to Google TV to make viewing more intuitive and conversational.
Rewriting Software Code to Address Security Issues
The reactive approach to fixing software vulnerabilities involves rewriting existing code to utilize secure data structures and APIs. DeepMind claims that its AI code security agent can rewrite code in a way that aligns with safe programming practices.
“CodeMender agent is equipped with robust tools that let it reason about code before making changes, and automatically validate those changes to make sure they’re correct and don’t cause regressions,” Google DeepMind added.
By rewriting software code, the AI agent enables developers to address a wide range of vulnerabilities before they cause harm.
Google DeepMind’s CodeMender at a Glance:
- AI code security agent can analyse source code, identify vulnerabilities, and fix them
- CodeMender applies proactive and reactive approaches to fixing code vulnerabilities
- The AI agent can rewrite code in a way that aligns with safe programming practices
- Google’s CodeMender can test patches and self-correct if patches fail verification
CodeMender Trials and Accessibility
Google DeepMind says it conducted trials on its new AI agent. In a 6-month trial, the CodeMender trial results showed that the AI agent found 72 verified security patches in major open-source software. Some of the AI fixes proposed included memory mismanagement, unsafe data handling, and buffer overflows.
DeepMind stated that some trial projects had up to 4.5 million lines of code. Currently, the AI security agent is a research project and is not accessible to the general public. Google DeepMind added that every CodeMender-generated patch is reviewed by humans before being submitted upstream.
Last week, Google unveiled Gemini for Home, a move that saw the tech giant add Gemini AI to its new Smart Home Speaker and Nest devices like Nest Cameras and the Nest Doorbell.
