Reading up on integrating cloud-based LLMs to #KaliLinux and I am not quite sure who would sign this off for actual security assessment work.
-
Reading up on integrating cloud-based LLMs to #KaliLinux and I am not quite sure who would sign this off for actual security assessment work. I can't see any client agreeing to potentially leaking information to Anthropic or other online LLMs. Also, the risk of actually doing damaging actions on a vulnerable system is way too high.
As the usefulness of any online AI integration is quite limited for actual project work, what could it be used for? For training, maybe?
Or maybe it is intended for some AI believers who don't see any risk associated with sending sensitive information to random cloud services?
It would be possible to run a fully local model, of course, but that is far more limited in quality and capability than online ones. It would also still retain the risks of exploiting vulnerabilities in a damaging way.
I, for one, am not signing up to vibehacking.
-
R relay@relay.infosec.exchange shared this topic
