Why Codex Security Doesn’t Include a SAST Report
Source: OpenAI Date: 2026-03-16 URL: https://openai.com/index/why-codex-security-doesnt-include-sast
Summary
OpenAI technical blog post from March 2026 explaining why Codex's security evaluation did not include a Static Application Security Testing (SAST) report, a standard security deliverable in enterprise software evaluation. SAST analyzes source code without executing it, matching known vulnerability patterns such as dangerous API use and taint flows from untrusted input; its absence from Codex's security documentation is notable to enterprise security teams that expect one as part of vendor assurance. OpenAI's explanation likely argued that SAST was the wrong tool for evaluating the security of an AI model (whose risks are behavioral and emergent rather than code-level vulnerability patterns) and described what Codex's actual security evaluation covered instead.
Implications
Reframing AI security evaluation. Traditional software security tools (SAST, DAST, penetration testing) were designed for conventional software, where behavior follows from a fixed code base that can be inspected or exercised. An AI model's security-relevant behavior is determined by learned weights and by the prompts and tool outputs it receives, so static analysis of the serving code does not capture it. OpenAI's blog post was part of the broader work of defining what "security evaluation" means for AI systems, a question relevant to enterprise procurement, regulatory compliance, and the emerging AI security standards landscape.
Thread: Agentic AI security and Codex. Sits alongside the instruction hierarchy research, the prompt injection safety post, and the Trusted Access for Cyber program as OpenAI’s engagement with the security evaluation and assurance challenges specific to AI coding tools.
Watch: Whether enterprise security teams accepted OpenAI's framing of why SAST was the wrong evaluation for Codex, or whether the absence of a SAST report remained a procurement blocker for organizations with compliance requirements around software security assurance. One point for procurement teams to keep separate: a SAST report attests to the vendor's shipped application code, not to the model's behavior, so evidence for the two may reasonably be requested as distinct deliverables.