zlacker

[parent] [thread] 9 comments
1. bgwalt+(OP)[view] [source] 2025-06-24 18:42:18
"XBOW is an enterprise solution. If your company would like a demo, email us at info@xbow.com."

Like any "AI" article, this is an ad.

If you are willing to tolerate a high false positive rate, you can as well use Rational Purify or various analyzers.

replies(1): >>moyix+m2
2. moyix+m2[view] [source] 2025-06-24 18:52:01
>>bgwalt+(OP)
You should come to my upcoming BlackHat talk on how we did this while avoiding false positives :D

https://www.blackhat.com/us-25/briefings/schedule/#ai-agents...

replies(2): >>tptace+I5 >>nickps+Yk2
◧◩
3. tptace+I5[view] [source] [discussion] 2025-06-24 19:05:21
>>moyix+m2
You should publish the paper quietly here (I'm a Black Hat reviewer, FWIW) so people can see where you're coming from.

I know you've been on HN for awhile, and that you're doing interesting stuff; HN just has a really intense immune system against vendor-y stuff.

replies(1): >>moyix+47
◧◩◪
4. moyix+47[view] [source] [discussion] 2025-06-24 19:12:19
>>tptace+I5
Yeah, it's been very strange being on the other side of that after 10 years in academia! But it's totally reasonable for people to be skeptical when there's a bunch of money sloshing around.

I'll see if I can get time to do a paper to accompany the BH talk. And hopefully the agent traces of individual vulns will also help.

replies(1): >>tptace+p7
◧◩◪◨
5. tptace+p7[view] [source] [discussion] 2025-06-24 19:13:51
>>moyix+47
J'accuse! You were required to do a paper for BH anyways! :)
replies(2): >>moyix+n8 >>leenif+bI1
◧◩◪◨⬒
6. moyix+n8[view] [source] [discussion] 2025-06-24 19:19:24
>>tptace+p7
Wait a sec, I thought they were optional?

> White Paper/Slide Deck/Supporting Materials (optional)

> • If you have a completed white paper or draft, slide deck, or other supporting materials, you can optionally provide a link for review by the board.

> • Please note: Submission must be self-contained for evaluation, supporting materials are optional.

> • PDF or online viewable links are preferred, where no authentication/log-in is required.

(From the link on the BHUSA CFP page, which confusingly goes to the BH Asia doc: https://i.blackhat.com/Asia-25/BlackHat-Asia-2025-CFP-Prepar... )

replies(1): >>tptace+Ua
◧◩◪◨⬒⬓
7. tptace+Ua[view] [source] [discussion] 2025-06-24 19:32:16
>>moyix+n8
I think you're fine, most people don't take the paper bit seriously. It's not due until the end of July regardless (you don't need a paper to submit for the CFP).
replies(1): >>daeken+QD
◧◩◪◨⬒⬓⬔
8. daeken+QD[view] [source] [discussion] 2025-06-24 22:48:24
>>tptace+Ua
The scramble to get your paper done in time is traditional! (And why my final paper for the onity lock hack ended up with an entire section I decided was better off left unsaid; woops)
◧◩◪◨⬒
9. leenif+bI1[view] [source] [discussion] 2025-06-25 11:21:17
>>tptace+p7
Hmm, is that really true? I spoke at BH last year and was not required to submit a paper. And based on the briefings link, there surely isn't a paper link, only slides and tool.
◧◩
10. nickps+Yk2[view] [source] [discussion] 2025-06-25 15:24:32
>>moyix+m2
"we"

I remember your work on seeding vulnerabilities into C programs. I didnt know you got into AI-assisted pentesting. I already have more confidence in the product. :)

[go to top]