llm-code-generation
Safeguard articles tagged "llm-code-generation" — guides, analysis, and best practices for software supply chain and application security.
5 articles
How to validate AI-generated autofix suggestions before you merge them
319 LLM patches for 64 real CVEs were graded in 2026: only 24.8% were both secure and functional. Speed without validation just merges bugs faster.
The Security Pitfalls Hiding in AI-Generated Code
A 2021 NYU study found roughly 40% of Copilot completions on security-relevant prompts contained exploitable flaws. Here's a field guide to catching them.
AI Developer Tools: Weighing Productivity Against Security and IP Exposure
NYU found 40% of Copilot-generated code contained exploitable flaws; Samsung banned ChatGPT after three leaks in under 20 days. The productivity math still isn't simple.
Why AI-generated code needs DAST, not just SAST
Copilot-generated code carried vulnerabilities in ~40% of cases in a 2021 NYU study. Static scanning alone cannot catch the runtime-only bug classes LLMs introduce.
Securing AI-Generated Code: The New Risk Surface
40.73% of Copilot's suggested code contains a vulnerability, and one 2024 study found nearly 1 in 5 AI-recommended packages simply don't exist.