New AI model offers faster, greener way for vulnerability detection

A team of researchers has developed a new AI model, called White-Basilisk, that detects software vulnerabilities more efficiently than much larger systems. The model’s release comes at a time when developers and security teams face mounting pressure to secure complex codebases, often without the resources to deploy large-scale AI tools.


A compact model with big results

Unlike LLMs, which can require billions of parameters and heavy computational power, White-Basilisk is compact, with just 200 million parameters. Yet it outperforms models more than 30 times its size on multiple public benchmarks for vulnerability detection. This challenges the idea that bigger models are always better, at least for specialized security tasks.

White-Basilisk’s design focuses on long-range code analysis. Real-world vulnerabilities often span multiple functions or files, and many existing models miss them because they can only process a limited window of code at once. White-Basilisk, by contrast, can analyze sequences up to 128,000 tokens long, enough to take in many files, or a small project, in a single pass.

“The core challenge we tackled stems from a fundamental limitation in how AI models process code,” Ioannis Lamprou, the lead researcher, told Help Net Security. “Most vulnerabilities don’t exist in isolation. They often span multiple functions or even entire files. However, traditional transformer-based AI models have what we call ‘quadratic complexity,’ meaning their computational requirements grow exponentially as the code length increases. This makes them impractical for analyzing large, real-world codebases.”

Built for efficiency and context

To overcome those limitations, the team built a hybrid architecture from three components. Mamba (state-space) layers capture local code patterns. A custom linear attention mechanism maintains global context across the whole input. A Mixture of Experts layer routes each input to different expert sub-networks of the model depending on the task.

“While previous research has explored solutions to this complexity problem, none had successfully applied these techniques to a complex downstream task like vulnerability detection,” Lamprou said. “Our breakthrough was developing a hybrid architecture that achieves linear complexity. Computational requirements grow proportionally rather than exponentially with code length.”

The model’s linear attention mechanism allows it to handle long sequences without hitting memory limits, even on modest hardware. “The result is a 200-million parameter model that can process sequences up to 128,000 tokens (proved by the paper, theoretically it can reach over 1 million tokens) while outperforming much larger models that use traditional quadratic attention mechanisms,” he added.
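The following pure-Python example is added here as an illustration and is not code from the White-Basilisk paper or its authors. It shows the reassociation trick behind the "linear complexity" the researchers describe: standard attention materializes an n × n score matrix, while linear attention multiplies phi(K)^T V first and never builds anything of size n × n. The article does not describe the model's own custom mechanism, so the generic feature-map form (phi(x) = elu(x) + 1, as in Katharopoulos et al., 2020) stands in for it; the Q, K, V inputs are constructed from a fixed-seed generator, and the two functions are checked to return the same output while their multiply-add counts grow with n² and n respectively.

```python
"""Why linear attention scales: quadratic vs. linear attention on one toy input.

Standard attention builds an n x n score matrix, so its cost grows with n**2.
Linear attention (feature-map form, phi(x) = elu(x) + 1) replaces
softmax(Q K^T) V with phi(Q) (phi(K)^T V): because matrix multiplication is
associative, phi(K)^T V (a d x d_v matrix) is computed once and the per-token
cost no longer depends on n. Pure Python, no dependencies; Q, K, V are
constructed toy inputs, not real model activations.
"""
import math
import random


def phi(x):
    """Positive feature map elu(x) + 1, so all scores stay positive."""
    return x + 1.0 if x > 0 else math.exp(x)


def feature_map(M):
    return [[phi(x) for x in row] for row in M]


def quadratic_attention(Q, K, V):
    """Materialise the full n x n score matrix. Returns (output, multiply-adds)."""
    n, d, dv = len(Q), len(Q[0]), len(V[0])
    fQ, fK = feature_map(Q), feature_map(K)
    # S[i][j] = phi(q_i) . phi(k_j): n*n*d multiply-adds, and n*n floats of memory
    S = [[sum(fQ[i][t] * fK[j][t] for t in range(d)) for j in range(n)] for i in range(n)]
    out = []
    for i in range(n):
        z = sum(S[i])  # row normaliser, the role the softmax denominator plays
        out.append([sum(S[i][j] * V[j][c] for j in range(n)) / z for c in range(dv)])
    return out, n * n * d + n * n * dv


def linear_attention(Q, K, V):
    """Same function, reassociated so nothing of size n x n is ever built."""
    n, d, dv = len(Q), len(Q[0]), len(V[0])
    fQ, fK = feature_map(Q), feature_map(K)
    # KV[t][c] = sum_j phi(k_j)[t] * v_j[c]: a d x dv summary of the whole sequence (n*d*dv)
    KV = [[sum(fK[j][t] * V[j][c] for j in range(n)) for c in range(dv)] for t in range(d)]
    # ksum[t] = sum_j phi(k_j)[t]: the normaliser each query is divided by (n*d)
    ksum = [sum(fK[j][t] for j in range(n)) for t in range(d)]
    out = []
    for i in range(n):
        z = sum(fQ[i][t] * ksum[t] for t in range(d))  # d multiply-adds per query
        out.append([sum(fQ[i][t] * KV[t][c] for t in range(d)) / z for c in range(dv)])  # d*dv
    return out, n * d * dv + n * d + n * d + n * d * dv


def make_input(n, d, dv, seed=7):
    """Constructed toy Q, K, V with values in [-1, 1] (fixed seed, reproducible)."""
    rng = random.Random(seed)

    def rnd(rows, cols):
        return [[rng.uniform(-1, 1) for _ in range(cols)] for _ in range(rows)]

    return rnd(n, d), rnd(n, d), rnd(n, dv)


def compare(n, d=8, dv=4):
    """Return (max |difference| between the two outputs, quadratic ops, linear ops)."""
    Q, K, V = make_input(n, d, dv)
    out_q, ops_q = quadratic_attention(Q, K, V)
    out_l, ops_l = linear_attention(Q, K, V)
    diff = max(abs(a - b) for ra, rb in zip(out_q, out_l) for a, b in zip(ra, rb))
    return diff, ops_q, ops_l


if __name__ == "__main__":
    for n in (64, 128, 256):
        diff, ops_q, ops_l = compare(n)
        print(f"n={n:4d}  max diff={diff:.1e}  quadratic ops={ops_q:9d}  linear ops={ops_l:7d}")
```

Doubling n quadruples the quadratic count and only doubles the linear one, while the outputs agree to floating-point precision. The memory side is what matters at the lengths the article cites: at 128,000 tokens the n × n score matrix alone is about 1.6 × 10^10 entries per attention head, roughly 33 GB in 16-bit floats, which is why a conventional attention layer cannot process such an input on a single GPU and a linear mechanism can.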

Greener AI for security work

White-Basilisk is also energy-efficient. Because of its small size and streamlined design, it can be trained and run using far less energy than larger models. The research team estimates that training produced just 85.5 kilograms of CO₂. That is roughly the same as driving a gas-powered car a few hundred miles. Some large models emit several tons of CO₂ during training.

This efficiency also applies at runtime. White-Basilisk can analyze full-length codebases on a single high-end GPU without needing distributed infrastructure. That could make it more practical for small security teams, researchers, and companies without large cloud budgets.

Real-world use cases already in mind

The researchers say White-Basilisk could fit easily into current development and security workflows.

“We envision White-Basilisk’s efficiency enabling deployment across multiple scenarios,” said Lamprou. “This includes a VSCode extension that runs locally on developers’ machines, providing real-time vulnerability suggestions as they code. No cloud connectivity or powerful hardware required. It could also integrate into CI/CD pipelines, checking for issues on every commit. And it could run in closed environments like IoT or air-gapped systems where resources are limited but security is essential.”

Rather than replacing existing tools, he sees the model acting as a complementary layer that brings deeper, longer-range analysis. “White-Basilisk can handle the complexity and scale of modern codebases while fitting into established practices,” he said.

Still a work in progress

The model has limits. It was trained only on C and C++ code, so its performance on other languages is unproven. Detecting brand-new or extremely rare bug classes remains a challenge, since the model can only learn patterns present in its training data. Its decisions are also not yet easy to explain, which matters in production or regulated environments where a finding has to be justified before code is blocked. And strong scores on public vulnerability benchmarks do not by themselves establish a usable false-positive rate on a live codebase, so teams should plan to triage its findings rather than gate builds on them outright.

The team is working to expand language support, improve transparency, and explore new domains where long-range analysis is useful. “This research is currently under review at a top-tier AI conference and represents a significant step forward in making advanced AI-powered security tools more accessible and practical for real-world deployment,” Lamprou said.
