"Mythos is a great tool that can automate a lot of the things expert humans do, and it's the expert humans who get the most from it. It is very good at finding classes of vulnerability that humans know about, while not finding ones that they don't."
"One is that the effectiveness of tools like Mythos will continue to evolve, exposing more and more structural and individual code flaws. The other, that these tools will inevitably become generally available."
"Right now, and for some time to come, most running code has been written in the pre-industrial age of vulnerability detection. Eyeballs, not AI balls, did the work."
Mythos, while named to suggest mythical powers, is more typical in its capabilities. It excels at automating tasks performed by expert humans, particularly in identifying known vulnerabilities. However, it struggles with unknown vulnerabilities. The responsible rollout of Project Glasswing indicates a cautious approach to its use. The future promises more effective tools that will expose more vulnerabilities, and these tools will eventually become widely available. The current state of code vulnerability detection relies heavily on human effort rather than AI.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]