I've taken scripts I wrote in the past, max 2k lines, and handed them to ChatGPT with the simple instructions of "write this more securely". It comes up with creative ways to do things that I had not considered.
I'm fast forwarding to the future (and this may already be happening). DevOps pipelines and/or IDEs no longer just detect application vulnerabilities with SAST/DAST/SCA tools, they actually go and fix them.
Remaining work in this area would primarily be around Secrets Management and IAM. Which depending on the size of the organization, may be their own areas/departments.
Am I right in saying the future of AppSec is looking bleak? Is there something I'm missing? Large areas of AppSec related work I hadn't considered? submitted by /u/Johnny_BigHacker
[link] [comments]
http://dlvr.it/T6qNxh
Full width home advertisement
Blog Archive
-
▼
2024
(445)
-
▼
May
(56)
- SIEM Searches
- Pattern Scanning Intro (For Game Hacking)
- Seeking Advice on Balancing Security Controls and ...
- Exported Activity In Android Application Allowing ...
- Cybersecurity Analyst transitioning to Cloud Security
- Subdomain takeover via AWS s3 bucket
- Introducing cybersectools.com: The largest curated...
- Bug Bounty In 2024
- Buffer Overflow shell
- Earning with Exploits: The Bug Bounty Journey
- Network Penetration Testing: A Comprehensive Guide
- Tips & Tricks To Get Hall of Fame In NASA
- Top cybersecurity stories for the week of 05-20-24...
- How to Use ParamSpider Tool — For Bug Bounty
- Top Network Hacking Techniques Familiar with Every...
- Unfading Sea Haze - "new" APT targeting military a...
- How to find View Angles for Aimbots | Explained
- Search for feedback about Hash24Security Premium p...
- Pentesting: AI: WEB 1 | Privilege Escalation Attac...
- How do you monitor your security tools in your dep...
- How I Hacked NASA Using Google Dork in Just 10 Min...
- Walk-Through of Bepractical.tech lab #3
- Limits to the rabbit hole of soc investigation
- A Story of Zero-click complete Account Takeover
- Managed SIEM provider recommendations
- The Hacker’s Mind -Recon Mind map
- Pricing, POS, Broker to banker, Cybersecurity Tool...
- Windows Active Directory Least Privilege - Am I be...
- How to Create a Cloud Lab for Anonymous Bug Bounty...
- New Tools for Developers Bolster AI Cybersecurity ...
- Cybersecurity Tools Recommendation
- CVE-2024–4761: Exploiting Chrome’s JavaScript Engi...
- Let me introduce you to the Evil-M5Project 🚀
- XSS on TikTok
- Google introduces Gemini-powered cybersecurity too...
- Is Application Security going to be greatly reduce...
- 24.15 Lab: HTTP request smuggling, obfuscating the...
- New type of web vulnerability RPFI
- Today I am going to walk through bepractical.tech
- Digital Forensics
- NMAP Command Options
- Top cybersecurity stories for the week of 05-06-24...
- How I Discovered a CVE by Scanning Open Source Rep...
- Any advice on some training tools I can use for ba...
- Simple bug on Indian government website | Govt. bu...
- Network Infrastructure Recon
- [Serious] How to explain social media pursuasion t...
- Help with a project that does make sense ?
- BugBountyTraining Lab: FastFoodHackings Part 1
- Need answer for the question asked in interview
- Get Your First Award by Joining IDN Bootcamp Bug B...
- Top cybersecurity stories for the week of 04-29-24...
- Complex Attack Types: Sample Scenarios 3
- Those who have migrated on-prem VPN to SASE soluti...
- Managing cybersecurity in local government - multi...
- How would you approach to exploit a ReDos attack?
-
▼
May
(56)
Advertisement
LIVE CYBERTHREAT
Latest Trends
Contact Form
amcat question search
search Pentest tools
Total Pageviews
Search Blog
Copyright 2017, " Vpentest ". All rights Reserved.
| Designed by Colorlib
No comments:
Post a Comment