by tgtweak
42 days ago
I feel like, if it was a codebase without using any security analysis tools, there would have been some more significant findings - perhaps they can re-run it on an 18-month-old commit and see how many it found that were subsequently found and fixed? Anyway, I think the case that frontier and next-gen models will get increasingly adept at finding vulnerabilities and that those on the receiving end of those vulnerabilities need to be on top of it.
They have the CVEs in their training data, know how to look up ossfuzz logs, etc.