- cross-posted to:
- programming@beehaw.org
- programming@lemmy.ml
Seems like he’s been pushed into using LLMs as a way to cope with the deluge of LLM-generated security reports.
It’s not just LLM-generated security reports, but vulnerabilities discovered by AI. Your wording implies they were just reports, and of less validity. Lazy LLM reports are not what he is trying to cope with, since there is nothing to do but close those reports. He is talking about real, verified vulnerabilities that weren’t discovered until AI tools. Not because humans couldn’t find them, but none ever did. When it comes to finding, it really doesn’t matter if it’s found by human or AI, since that doesn’t change its existence or severity.
And the side that no one else talks about: threat actors are highly likely to be using AI to find these potential vulnerabilities. So if you are not doing the same, you are immediately at a disadvantage.
I am reporting that every line of your code has 17 errors. I just generated 1562364 bug reports for you. Now you just need to close those that are false, no big deal.
Except not every bug AI finds is that bad. And you have to wax through all of them.
You absolutely don’t need to wax all of them, where did you get that idea? It’s okay to only wax a few of them.
How do you know which ones to wax through?
Not even every bug AI finds is a bug.