If the security flaws are in the training data AI will be able to detect them, stuff like OWASP are definitely in the training data. So in a way this is like more intelligent fuzzing, which is a fantastic tool to have in your toolbox. But I doubt AI will be able to detect novel security flaws that are not included in its training data.
No comments yet.