Large Language Models for Infrastructure as Code Vulnerability Remediation

Raul Reyes, Benjamin M. Ampel, Hsinchun Chen
Last updated on Jun 9, 2026
In Plain Terms

Infrastructure as Code lets teams set up cloud systems automatically, but the scripts often contain insecure settings that scanners can flag yet not fix. This paper fine-tunes large language models to automatically rewrite vulnerable Terraform code into secure versions, training on thousands of real scripts and their detected misconfigurations. The results show that adapting LLMs to this specific task improves their ability to remediate cloud security flaws.

Key Contributions

Key contributions will be added soon.

Artifacts

No artifacts listed yet.

Related Papers

Citation

Raul Reyes, Benjamin M. Ampel, & Hsinchun Chen (2025). Large Language Models for Infrastructure as Code Vulnerability Remediation. WISP
Infrastructure as Code Large Language Models Vulnerability Remediation DevSecOps Cloud Security
Benjamin M. Ampel
Benjamin M. Ampel
Assistant Professor in Computer Information Systems and Director, Center for CyberAI Research (CCAIR)

My research focuses on AI-enabled Cybersecurity, including Cyber Threat Intelligence, Large Language Models, and Phishing Detection.

Loading stats...