AI agent finds more security flaws than human hackers at Stanford(scienceclock.com)
scienceclock.com
AI agent finds more security flaws than human hackers at Stanford
https://scienceclock.com/ai-agent-beats-human-hackers-in-stanford-cybersecurity-experiment/
3 comments
"It also produced more false positives than humans, sometimes mistaking harmless network signals for signs of a successful breach. The researchers noted that the system performs best in environments dominated by text-based inputs and outputs."
How many more? The article doesn't say.
How many more? The article doesn't say.
If the security flaws are in the training data AI will be able to detect them, stuff like OWASP are definitely in the training data. So in a way this is like more intelligent fuzzing, which is a fantastic tool to have in your toolbox. But I doubt AI will be able to detect novel security flaws that are not included in its training data.
WSJ feature: https://www.wsj.com/tech/ai/ai-hackers-are-coming-dangerousl... (https://archive.ph/L4gh3)