| ▲ | defen 5 hours ago | |
How are you supposed to know that if you're evaluating whether to use a tool / service? | ||
| ▲ | kridsdale3 3 hours ago | parent | next [-] | |
I wish I had an answer for you. I spend at least half of the past year trying to make that decision. The internal LLM that can read all the docs and code, you'd think, could get the context to know what the optimal state is, but it easily gets confused by out of date documentation and recommends paths that are going to be marked as "why didn't you use the new thing?" at review time, OR it builds out a solution using "oh, this isn't ready for use yet" parts. | ||
| ▲ | jeffbee 5 hours ago | parent | prev [-] | |
You could just read their whitepapers and accept them at face value. What other major SaaS providers are publishing about their technical countermeasures against insider risk? If a company publishes loads of articles about how they have technical controls for privacy and security, through encryption and compartmentalization and code review and build provenance and so forth, and all the people who work/worked at said company are always whining about how onerous those processes are, then what gives you reason to doubt it? | ||