Comment by viccis

3 days ago

People who don't do intense security work for a living underestimate the complexity of it. This might find some vulnerabilities, but it's not really capable of producing new methods and attacks. What it replaces isn't a high-quality human researcher; it replaces current static code review systems.

If AI models never had stack smashing writeups in their corpus, they'd never be able to invent stack smashing.

So, by any reasonable measure, I've spent a career doing "intense security work", with a particular focus in vulnerability research, and I do not agree with this at all.

  • What evidence do you have? It sounds like you probably haven't been providing much value if an LLM can replace you.