TL;DR
LLMSecGuard is a framework combining static analyzers and LLMs to improve code security and benchmark the security evolution of LLMs in software development.
Contribution
It introduces LLMSecGuard, an open-source framework that enhances code security and provides security benchmarking for LLMs.
Findings
Enhanced security of code generated by LLMs
Open-source framework available for developers
Benchmarking feature tracks security improvements over time
Abstract
Many developers rely on Large Language Models (LLMs) to facilitate software development. Nevertheless, these models have exhibited limited capabilities in the security domain. We introduce LLMSecGuard, a framework to offer enhanced code security through the synergy between static code analyzers and LLMs. LLMSecGuard is open source and aims to equip developers with code solutions that are more secure than the code initially generated by LLMs. This framework also has a benchmarking feature, aimed at providing insights into the evolving security attributes of these models.
