tptacek 2 hours ago

OK, I have no idea who you are, and this isn't personal, I'm responding to a comment and not a person --- but this is an argument that posits that one of the big problems with LLM software is "SOC2 audits". Since SOC2 audits are basically not a meaningful thing, I'm left wondering if the rest of your argument is similarly poorly supported.

It feels like a dunk to write that. But I genuinely do think there's so much motivated reasoning on both sides of this issue, and one signal of that is when people tip their hands like this.

yellowapple 2 hours ago

Since when are SOC audits not a meaningful thing?

kasey_junk an hour ago

If SOC audits are driving your development process, you are doing it backwards. And _certainly_ a time is coming when just using the LLM will be SOC compliant.

threecheese an hour ago

I’d think any company big enough or working in certain markets which has a Compliance Officer cares about this; regulations are a legitimate business risk, and software integration contracts have security control compliance requirements which very much impact the SDLC.

Would you have the same reaction to requiring an approval for a production deployment? That’s driving the development process.

---

Also jfc I need to cool it with the buzzwords, sorry I just got home from “talk like this all day” $job