IRIS is a neuro-symbolic approach that enhances software security by combining the strengths of large language models with traditional static analysis techniques.

• Overcomes limitations of existing tools that rely on human-labeled specifications
• Leverages LLMs' code understanding while compensating for their reasoning limitations
• Performs whole-repository analysis to detect complex security vulnerabilities
• Demonstrates higher effectiveness compared to conventional security scanning approaches

This research represents a significant advancement for security teams seeking more reliable, automated vulnerability detection in their software development lifecycle.

IRIS: LLM-Assisted Static Analysis for Detecting Security Vulnerabilities