AI in AppSec: Strengths, Weaknesses, and Non-Determinism
No se pudo agregar al carrito
Add to Cart failed.
Error al Agregar a Lista de Deseos.
Error al eliminar de la lista de deseos.
Error al añadir a tu biblioteca
Error al seguir el podcast
Error al dejar de seguir el podcast
AI in AppSec: Strengths, Weaknesses, and Non-Determinism
-
Narrado por:
-
De:
Finding vulnerabilities in modern web apps using Claude Code and OpenAI Codex | Semgrep," focuses on a security research experiment conducted by Semgrep to assess the effectiveness of AI Coding Agents, specifically Anthropic's Claude Code and OpenAI Codex, in identifying vulnerabilities within real-world web applications. The research highlights that while these AI tools can find genuine security flaws, they suffer from high false positive rates and significant non-determinism, meaning they produce inconsistent results with repeated scans. Semgrep also details its comprehensive security platform, which offers various tools like static application security testing (SAST), software supply chain analysis (SCA), and secrets detection, aiming to provide more reliable and consistent code security solutions.
Send us a text
Support the show
Podcast:
https://kabir.buzzsprout.com
YouTube:
https://www.youtube.com/@kabirtechdives
Please subscribe and share.