Infosec News

196 readers

81 users here now

A community posting Cybersecurity related articles.

founded 3 weeks ago

MODERATORS

[email protected]

Google’s AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine (thehackernews.com)

submitted 10 hours ago by [email protected] to c/[email protected]

2 comments fedilink hide all child comments

top 2 comments

sorted by: hot top controversial new old

[–] [email protected] 6 points 8 hours ago (1 children)

See this is a decent use of LLMs! OK so the article said the team admitted other approaches would do at least as good of a job.

But can we try to use AI for scanning open source code to find vulnerabilities before they are released, rather than for watching your every move as you use your computer?

[–] [email protected] 1 points 6 hours ago

I agree. We can use ML models for identifying possible malware; there should be more than enough examples of bad coding to train an LLM on to identify injection risks, lack of input sanitation, assignment and inheritance issues, and use after free problems. And cleaning THOSE things up in a code base will fix the majority of security issues.

LLMs could also review algorithms looking for logic issues in larger code bases where a human might not be able to hold the entire system in their mind at the same time.