top | item 44945410

(no title)

waihtis | 6 months ago

The joke is that Xbow only works because they have close to 100 employees operating the software

discuss

_pdp_|6 months ago

You are joking, but there was actually a very popular enterprise SAST tool that used to offer a "cloud" version of their software. It worked by having someone from their team manually download the zip file of your code, run it through their desktop software, and then upload the results back to make them visible in the web portal.

ericmcer|6 months ago

That's a totally valid and useful way to validate an idea. After a few months of manual labor they will have a good idea of how/what to build and if it is even worth building.

tptacek|6 months ago

I know who you're talking about, but also: this is the joke about basically every hosted SAST and DAST tool. I call it the "Oompa Loompa" model of security products.

unknown|6 months ago

[deleted]

guhcampos|6 months ago

"XBOW is an AI-powered penetration testing platform that delivers human-level security testing at machine speed."

At least they're not lying right? It's just people using computers.

waihtis|6 months ago

yeah i think XBOW is fairly transparent about it, doesn't stop the online influencers from claiming "an AI is now the #1 hacker on Hackerone"