Hacker News
VulnHunter: Capital One's agentic AI code security tool
_pdp_
|next
[-]
Btw, these type of methodologies are used all the time. Practically every security consultancy has them so adding them to an LLM makes a lot of sense.
ph3t
|next
|previous
[-]
skybrian
|root
|parent
|next
[-]
worldsavior
|root
|parent
|previous
[-]
jabroni_salad
|root
|parent
|next
[-]
fwiw I have seen good whitepapers from them. A while back I used one about their IVR to get exec buy in for re-doing my company's IVR into something a lot better.
ceejayoz
|root
|parent
|previous
[-]
mkagenius
|next
|previous
[-]
this is just a side project though for me
lfx
|next
|previous
[-]
https://github.com/visa/visa-vulnerability-agentic-harness
https://github.com/cloudflare/security-audit-skill
I'm on the fence here, for one as from recent Linux mailing discussions those tools can really find good bugs (51% of them?), but on other side - I'm afraid of false sense of security.
_joel
|next
|previous
[-]
bobthebob
|root
|parent
[-]
Sorry to say, tokens aren’t going anywhere, people aren’t going to suddenly stop using AI, and this whole paradigm shift of how people are changing how they work - is a full blown reality.
There is no reversal, no “eh we don’t think the tokens/AI are worth it”. Accept the new reality.
folkrav
|root
|parent
|next
[-]
bobthebob
|root
|parent
[-]
It doesn’t take a genius or system architect to figure out AI use in banking both internally and for consumers is a huge benefit especially for capital one.
Maybe we should critique the actual agentic products they are creating rather than critique the entire AI spend.
cute_boi
|root
|parent
|previous
[-]
Forget AI—you even have to justify using a MacBook.
spikk
|next
|previous
[-]
snorbleck
|root
|parent
[-]
bpmct
|next
|previous
[-]
xur17
|next
|previous
[-]
Has anyone actually had success with this? I applied for my company several weeks ago, and never heard back.
liampulles
|next
|previous
[-]
sbarrofan1
|next
|previous
[-]
latchkey
|next
|previous
[-]
https://github.com/capitalone/VulnHunter/blob/main/vulnhunt/...