• DeadDigger@lemmy.zip
    5 hours ago

    Well, the problem is that, for example, curl got flooded with generated security reports where only 5% had some true security potential. So your LLM will basically flood you with false positives.

    • ByteJunk@lemmy.world
      4 hours ago

      If 5% of the reports are genuine security vulnerabilities that they wouldn’t have found otherwise, that’s looking like a big win to me, not sure how you see it differently.

      • frongt@lemmy.zip
        3 hours ago

        The problem is identifying which 5%. Nobody wants to filter that much AI slop.

        • AwesomeLowlander@sh.itjust.works
          3 hours ago

          If you’re working for a company’s cybersec, that’s your job. And a much preferable one to waiting for an attacker to do it for you.