| ▲ | sebmellen 3 hours ago | |||||||||||||||||||||||||
Just commenting for posterity… if this is what it claims to be, I am not looking forward to how it will empower the people who submit bug bounties to us. Historically they’ve been people from certain identifiable countries (usually developing/poorer countries) using fuzzers with low-quality results. Now, those same people use the current-day models to good effect, but they still don’t have a true security edge and oftentimes the reports are minor or duplicative. I wonder if that’s about to deeply change. | ||||||||||||||||||||||||||
| ▲ | arkwin an hour ago | parent | next [-] | |||||||||||||||||||||||||
I've been using Opus 4.6-4.8 in both my own and others' code to look for vulnerabilities, and I've found a few. I am also in the Cyber Verification Program. Fable 5 gives me policy violation errors at the moment. No idea when or if it will be fixed. | ||||||||||||||||||||||||||
| ▲ | rs_rs_rs_rs_rs 2 hours ago | parent | prev [-] | |||||||||||||||||||||||||
Can you use AI to pre-triage the reports too? | ||||||||||||||||||||||||||
| ||||||||||||||||||||||||||