(no title)

I think to your point, besides the quality of the output (that we can challenge with every tool, AI or not), the problem reside in the prioritization aspect of it. Knowing you have 1000 issues is great, but knowing which one are the most critical and why, is much better if you really want to remediate them!

IMHO, AI should really help security tools when it comes to testing or providing remediation suggestions, but we should avoid using it as the engine to surface findings.