The US government is launching a competition to find the best AI for fixing flaws

A profile of a human brain against a digital background.
Image credit: geralt on Pixabay (Image credit: Pixabay)

The US Government's Defense Advanced Research Projects Agency (DARPA) has revealed a two-year contest to find the best AI tools for fixing software vulnerabilities.

The AI Cyber Challenge will be held in collaboration with industry heavyweights including OpenAI, Google and Microsoft, with the Linux Foundation’s Open Source Security Foundation (OpenSSF) acting as the challenge advisor.

With $18.5m in total up for grabs as prizes, the task of the competing teams, who will all be US-based, is to come up with a way to protect software that runs critical infrastructure code using AI. The small businesses that participate will get $1M each from DARPA to develop their tools.  

Open source worries

DARPA program manager Perry Adams said that, “We want to create systems that can automatically defend any kind of software from attack,” adding, "The recent gains in AI, when used responsibly, have remarkable potential for securing our code, I think."

With the huge proliferation of open source code used in all manner of applications, there are now more codebases with vulnerabilities. This has opened the door to more and more supply chain attacks, which can have devastating and far-reaching impacts.

In response, President Biden signed an executive order to increase cybersecurity standards for the software supply chain, to ensure that such software used by the government is safe from the start.

Despite concerns that the government has also voiced over the recent explosion of AI, even wanting to launch an AI bill of rights, it seems that it also has faith in its powers to do good with the new competition. 

“The AI Cyber Challenge is a chance to explore what’s possible when experts in cybersecurity and AI have access to a suite of cross-company resources of combined, unprecedented caliber,” Adams said.

“If we’re successful, I hope to see the AI Cyber Challenge not only produce the next generation of cybersecurity tools in this space, but show how AI can be used to better society by here defending its critical underpinnings.”

As many cybercriminals are turning to AI to launch attacks, defenders and security software vendors are also making use of the this high-level automation to detect and counter threats.  

Qualifying for the AI Cyber Challenge will take place in Spring 2024, with up to 20 of the best performers invited to the semifinal at that year's DEF CON conference. Up to five of the winning teams will receive $2M in prizes and then make it to the final at DEF CON 2025. The top three will also receive prizes, and the outright winner will get $4M. 

All winners will be asked to make their developed systems open source, although they will not be required to do so; it is purely voluntary. 

Lewis Maddison
Reviews Writer

Lewis Maddison is a Reviews Writer for TechRadar. He previously worked as a Staff Writer for our business section, TechRadar Pro, where he had experience with productivity-enhancing hardware, ranging from keyboards to standing desks. His area of expertise lies in computer peripherals and audio hardware, having spent over a decade exploring the murky depths of both PC building and music production. He also revels in picking up on the finest details and niggles that ultimately make a big difference to the user experience.

Read more
A woman at a table using a Windows laptop, opposite sits a man, neither show their face
Microsoft will now pay you even more to find security bugs in Copilot
A hand reaching out to touch a futuristic rendering of an AI processor.
Balancing innovation and security in an era of intensifying global competition
An abstract image of digital security.
Identifying the evolving security threats to AI models
An image of network security icons for a network encircling a digital blue earth.
Why effective cybersecurity is a team effort
Concept art representing cybersecurity principles
Navigating the rise of DeepSeek: balancing AI innovation and security
Microsoft
"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
Latest in Pro
An image of network security icons for a network encircling a digital blue earth.
Why multi-CDNs are going to shake up 2025
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Broadcom warns of worrying security flaws affecting VMware tools
URL phishing
HaveIBeenPwned owner suffers phishing attack that stole his Mailchimp mailing list
Ransomware
Cl0p resurgence drives ransomware attacks to new highs in 2025
Millwall FC The Den
The UK's first football club mobile network is here - but you probably won't guess which team has launched it
A person using a smartphone with a cybersecurity lock symbol appearing over it.
The growing threat of device code phishing and how to defend against It
Latest in News
Xbox Series X and Xbox wireless controller set to a green background
Xbox Insiders are currently testing a new Game Hub feature that looks useful, but I've got mixed feelings about it
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Broadcom warns of worrying security flaws affecting VMware tools
Microsoft Surface Laptop and Surface Pro devices on a table.
Hate Windows 11’s search? Microsoft is fixing it with AI, and that almost makes me want to buy a Copilot+ PC
Oura Ring 4
Activity tracking on Oura Ring is about to get a whole lot better, but I've got bad news about your step count
Google Pixel Buds Pro 2
Cleaned your Pixel Buds Pro 2 recently? If not, you might be getting worse sound
Google Maps on a phone being held in someone's hand
Google Maps is getting two key upgrades, for easier route planning and quicker access to Gemini AI