iqihs 4 hours ago

you're assuming that blue teams and engineers are sitting around twiddling their thumbs

nvr219 3 hours ago | parent | next [-]

Most companies in the world do not have “blue teams”. They barely have any kind of security employee.

steve_adams_86 3 hours ago | parent | next [-]

They've got a guy (who they're considering laying off)

jermaustin1 3 hours ago | parent | next [-]

Don't worry, the LLMs that are replacing him are also replacing the hackers too. Pretty soon (if not already), it will just be LLMs fighting LLMs.

jpease 5 minutes ago | parent [-]

Until both LLMs realize the only way to win is to team up against their oppressors.

micromacrofoot 2 hours ago | parent | prev | next [-]

in my experience they have a person who does it sometimes when they have time, at best

UqWBcuFx6NV4r 3 hours ago | parent | prev [-]

no they don’t.

afdbcreid an hour ago | parent [-]

They don't consider laying him off?

Veserv 17 minutes ago | parent | prev [-]

That is actually unfair. Most companies spend enormous amounts on security with vast armies of security employees. Not that it is effective, but it is not for lack of resources or trying.

I mean we are literally in a thread about how the 4 trillion dollar company, literally the 3rd most valuable company in the world, with a core competency in software has, yet again, released a core product riddled with security defects for the 50th year in a row.

Commercial IT security is an industry that is incapable to a fault and has, so far, faced basically zero consequences for it.

11 minutes ago | parent [-]

[deleted]

dgellow 4 hours ago | parent | prev [-]

Not at all. I’m considering that the amount of vulnerable software in the wild is very, very large, with most organizations not managing their systems properly. Imagine all the small to medium size companies that do not have budgets for a dedicated, talented security team. And all the software that will never be patched. We are at the beginning of the exponential

bottlepalm an hour ago | parent [-]

It makes you think, will everything need to be rewritten from the ground up - potentially by AI itself, or AI having a very heavy hand in validating all of it?

Gigachad an hour ago | parent [-]

There's so much much lower hanging fruit. Every job I've had has had basically everything massively out of date. Just keeping packages and framework versions up to date is a full time job and none of these companies have someone assigned to doing it.

So much out of date software with known exploits left running for years. The only reason there hasn't been total disaster is no one has tried to hack it yet.

bottlepalm 13 minutes ago | parent [-]

Right, and with AI now we have the ability to try hacking everything all at once.