Automat coding tools bas onartificial intelligence, us by new developers, can introduce basic vulnerabilities into projects.
The excessive trust that an ignorant and/or inexperienc developer has towards AI assistants, orArtificial intelligence, can result in applications that include critical vulnerabilities introduc by automat code.
Corey Nachreiner chief security officer
at WatchGuard Technologies , not that tools like GitHub ‘s Copilot are among the most widely us among new developers .
GitHub trains Copilot using the “big data” of billions of lines of code found in its repositories.
However, as with any AI/ML algorithm, the quality of its results depends on the quality of the training data f to it and the germany whatsapp number data instructions given to it; if you fe theArtificial intelligenceWith bad or insecure code, you can expect the same thing to happen.
According to research by the NYU Security Center, up to 40% of the code generat by Copilot includes exploitable security vulnerabilities, and this percentage increases when the developer’s own code contains vulnerabilities.
It’s consider a serious enough problem that GitHub was quick to warn: “You are responsible for ensuring the security and quality of your code [when using Copilot].”
Read also: Warning of poor cybersecurity
Area of application
Marc Laliberte, Director of Security Operations at WatchGuard Technologies , report that technology companies such as Cruise, Baidu and Waymo have begun testing robotaxis using automat coding tools.
Robotaxis are self-driving cars that offer an experience similar to Uber or Lyft, but without a human driver.
Companies like Baidu say they have already successfully complet more than a million of planning for amazon’s first post-christmas sales in 2024 these autonomous rides for passengers, with investors attract by the cost savings of eliminating their workforce.
Security research has shown that Internet-connect cars can be hack , and humans have bw lists already demonstrat that AI can be socially and “visually” design.
When you combine these two things with a mobile-bas service that anyone can use, we’re bound to see at least one cybersecurity incident where threat actors target robotaxis for fun and profit.