by nbardy 72 days ago
There are step changes that actually merit this though. And a zero day machine IS one of those. It went from 4% zero day success rate to 85% on Firefox.

Can you not see the significance of that?


I mean I work in this world and overhype is constant.

Additionally those numbers are somewhat meaningless without more context.

Can you explain why they are meaningless without more context?
A 0 day is just a vulnerability that wasn’t known before now.

What’s the criticality of these? Are they realistically exploitable? En masse? Through a complex and highly contextual set of actions? What’s the impact? Etc etc etc.

Yes those numbers are a big change but they’re also not spelling doom for us in the security world until we actually know what they mean.

The demonstrated ones that they have on the red team blog are neat, the kernel chain is impressive and fun. But nothing I’m seeing here is as world ending as the presser implies.

> The demonstrated ones that they have on the red team blog are neat, the kernel chain is impressive and fun

So by your estimation, for rogue actors being able to uncover hundreds of this class in each major software product roughly for free would not be a big issue?

We must have read two different red team blogs from Anthropic if that’s what you think is happening. But let’s go ahead and assume what you’re asking at face value.

It would not be a doomsday issue as implied, no. Org security has gone far beyond static detections and “just exclude some IPs that fail to log in too much and we’re good”. SOAR exists. Behavioral analysis and monitoring exist. Layered defenses exist.

Believe it or not, for those of us in security in large, highly targeted companies, we’ve been dealing with the potential for multiple chained 0 days for years, and the processes, monitoring, and (yes, automated) response architecture are already there.

I get that this is absolutely frightening for some and that causes panic but for us this is Tuesday.