Fabio

I've been seeing posts all over about the state of CTFs post-LLM. I've seen many attempts to explain why this is just a new evolution of CTFs, but I fundamentally disagree. I believe the original spirit is gone and I've written why in my blog. https://t.co/tgUZOGkhGV

We hired a junior developer to write the simple code, so we don't have to spend a ton of money on tokens for those basic/primitive tasks

Huge respect for actually doing something 👏 Experimenting with anti AI rules in CTF and writing post mortem

THIS. Weirdly enough, it seems like AIxCC was an "Eureka moment" for few people. I remember many colleagues calling our work "slop" and now I see them being totally shocked. Tbh, I think AIxCC could be one of the main reasons why current models are so good at security.

Y'all know there is a middle ground between people saying it's still BS, and people who are pilled and thinking everything is cooked overnight...

Frankly, I'm appalled by the prospect of LLMs taking offensive security research jobs from honest, hard-working fuzzers

"LLM harnessing is dead" [ claude code leak ] "LLM harnessing is magical!"

Sometimes I think "why would a software security company raise $100M, how can you even spend that much money on engineering?" Then I go to RSA and learn the money is for what really matters: paying for booths, ice cream, car wraps, baristas, parties, action figures, billboards..