Comment by orenlindsey
1 day ago
I think AI bug scanning is a good thing, it will ensure almost all high severity get caught before entering prod. There can certainly be downsides but I am personally all for it.
1 day ago
I think AI bug scanning is a good thing, it will ensure almost all high severity get caught before entering prod. There can certainly be downsides but I am personally all for it.
Only if everyone runs it. The attacker just needs to find one vulnerable system; the defender must protect them all. Obviously given that the tool exists, the defender must run it, but it's not at all clear to me that the existence of the tool different all favours defence.
The Chinese almost certainly have similar tools and they won't wait. Waiting too long is foolish for this very reason.