VirtueGuard-Code: effective and lightweight guardrail solutions for AI generated code

Introducing VirtueGuard-Code, a next-generation security framework that provides comprehensive guardrails for AI-generated code and significantly outperforms the industry-leading product, LlamaFirewall.


CodeGen AI and security risks

The remarkable coding capabilities of generative AI models and agents bring with them concerns about the security risks of the code they generate. As shown in our recent post [How Safe is Your AI Coding Assistant? A Virtue AI Security Audit], leading commercial and open-source models, as well as coding agents, can generate vulnerable code with serious security consequences. For example, AI code assistants such as Cursor may generate code containing CWE-95 (eval injection: unsafe use of the eval() function in Python), which can lead to arbitrary code execution, or CWE-200 (exposure of sensitive information), which can lead to leakage of sensitive data.

Our recent research [RedCode] also shows that LLMs can be jailbroken into generating malware and cyber attacks in response to malicious queries. This is a serious concern, as attackers can use generative AI to automate their attacks and launch them at scale. For example, in CVE-2024-23751, attackers leverage an LLM to generate a malicious payload for a SQL injection attack.

VirtueGuard-Code – Technique at a glance

To promote safe and secure use of generative AI in coding tasks, we at Virtue AI have developed VirtueGuard-Code, a real-time guardrail for generative-AI-based coding models and agents.

VirtueGuard-Code ships with our customized VirtueGuard-Code models, each targeting a class of code generation risks. The models are compact yet effective autoregressive models, capable of identifying malicious user queries on the input side and detecting severe vulnerabilities in AI-generated code on the output side. An overview of the VirtueGuard-Code design is shown in Figure 1. We also provide an agentic guardrail solution, VirtueGuard-Code Agent, built on top of our guardrail models. It can autonomously invoke other available tools as needed to retrieve the code context required for a vulnerability decision. This significantly reduces false positives when detecting vulnerabilities in AI-generated code, especially when the relevant code spans multiple functions, classes or even files.

Figure 1. Overview of VirtueGuard-Code, which provides guardrails on both the input side (malicious requests) and the output side (generated code).
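As an added illustration (example code written for this post, not VirtueGuard-Code's own implementation or model), the Python script below shows two of the points above in miniature: the CWE-95 eval() pattern from the audit section beside its hardened ast.literal_eval form, and why cross-function context matters for false positives. A single-function view flags every eval()/exec() whose argument is not a literal; a context-aware pass additionally resolves the callers of the enclosing function and suppresses the finding when every call site passes a literal. The sample module, the function names and the detection rule are all constructed for this example and are assumptions, not output of any real tool.

```python
"""Toy file-level guardrail for AI-generated Python (example code, not VirtueGuard-Code).

It flags CWE-95 (eval/exec on a non-literal argument) and shows how resolving
the call sites of a function removes a false positive that a single-function
scan would report.
"""
import ast

# Constructed sample of "AI-generated" code (not from a real assistant).
#  - parse_config: eval() on request data -> genuine CWE-95
#  - load_literal: eval() on a parameter that its only caller passes as a constant
#  - parse_config_safe: the hardened form, ast.literal_eval accepts only Python literals
SAMPLE = '''
import ast as _ast

def parse_config(request):
    return eval(request.args["cfg"])        # attacker-controlled -> CWE-95

def load_literal(text):
    return eval(text)

def parse_config_safe(request):
    return _ast.literal_eval(request.args["cfg"])   # only Python literals

def main():
    load_literal("[1, 2, 3]")
'''

DANGEROUS = {"eval", "exec"}  # sinks of interest for this toy rule


def _call_name(node):
    """Return the called name for eval(...) or obj.eval(...), else None."""
    f = node.func
    if isinstance(f, ast.Name):
        return f.id
    if isinstance(f, ast.Attribute):
        return f.attr
    return None


def _param_index(func, name):
    """Position of parameter `name` in `func`, or None if it is not a parameter."""
    names = [a.arg for a in func.args.args]
    return names.index(name) if name in names else None


def _call_sites(module, fname):
    """All direct calls `fname(...)` anywhere in the module."""
    return [n for n in ast.walk(module)
            if isinstance(n, ast.Call)
            and isinstance(n.func, ast.Name) and n.func.id == fname]


def scan_module(source, use_context=True):
    """Return CWE-95 findings for every top-level function in `source`.

    use_context=False mimics a single-function scan: any eval/exec on a
    non-literal argument is reported. use_context=True also looks at the
    callers of the function; if the argument is a plain parameter and every
    known call site passes a literal for it, the finding is suppressed.
    A function with no visible callers is kept (unknown callers are untrusted).
    """
    module = ast.parse(source)
    funcs = {n.name: n for n in module.body if isinstance(n, ast.FunctionDef)}
    findings = []
    for func in funcs.values():
        for node in ast.walk(func):
            if not (isinstance(node, ast.Call) and _call_name(node) in DANGEROUS):
                continue
            arg = node.args[0] if node.args else None
            if isinstance(arg, ast.Constant):
                continue  # literal argument: nothing attacker-controlled
            if use_context and isinstance(arg, ast.Name):
                idx = _param_index(func, arg.id)
                sites = _call_sites(module, func.name) if idx is not None else []
                if sites and all(len(s.args) > idx and isinstance(s.args[idx], ast.Constant)
                                 for s in sites):
                    continue  # every caller passes a literal: suppress the finding
            findings.append({"function": func.name, "line": node.lineno, "cwe": "CWE-95"})
    return findings


if __name__ == "__main__":
    print("single-function view:", scan_module(SAMPLE, use_context=False))
    print("with call-site context:", scan_module(SAMPLE))
```

The single-function view reports both eval() calls; with call-site context only parse_config remains, because load_literal is only ever called with a constant. The suppression is deliberately conservative: a function with no visible callers, or a sink whose argument is anything other than a bare parameter, stays flagged, and a real guardrail would also have to follow values across files, which is exactly the context retrieval the agent above performs.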

VirtueGuard-Code supports automatic scanning of the current file on save via the setting:

vulscan.autoAnalyzeOnSave=true

It also supports analyzing specific code sections. As shown below, VirtueGuard-Code scans the selected function, flags potential vulnerabilities in the selected code, and suggests how to fix them.

Figure 2. VirtueGuard-Code analyzes the selected function, pinpoints potential vulnerabilities, and provides mitigation suggestions.


Ready to secure your coding agents? Contact our team today to learn more about Virtue AI’s comprehensive security platform and schedule a demonstration tailored to your specific use cases.

[Request Demo] | [Learn More on LinkedIn]


About Virtue AI: We are a leading provider of security solutions for AI agent systems, committed to enabling the safe and secure deployment of autonomous AI in enterprise environments. Our team of AI and cybersecurity experts is dedicated to staying ahead of emerging threats and protecting organizations as they adopt agentic AI technologies.