Using AI to discover undisclosed vulnerabilities in open-source - Aikido Intel

Поделиться
HTML-код
  • Опубликовано: 24 дек 2024
  • We conducted a research project to use AI LLMs to discover how many vulnerabilities in open-source projects are patched, but never disclosed. To do this we trained LLMs to read changelogs in projects and discover when security fixes were applied but no CVE was created yet.
    We discovered the 67% of all projects never were publically disclosed including some pretty scary examples.
    Checkout Aikido Intel - intel.aikido.dev
    Checkout our writeup - aikidosec.com/...

Комментарии • 5

  • @coom07
    @coom07 День назад

    Also don't forget they have some overhead issues in the usa with the vuln reporting workflow

  • @chetangiradkar
    @chetangiradkar День назад

    you are doing god's work. +100 karma points to you!

  • @pentabular
    @pentabular 3 дня назад

    How can I do this? Join the team?

    • @aikidosecurity
      @aikidosecurity  2 дня назад

      We are always looking for people to join the team www.aikido.dev/careers

    • @coom07
      @coom07 День назад

      ​@@aikidosecurityDo I have to be Belgium citizen? I would like to apply to the cat 😺 position if necessary :/