How I built a system to automate the WAF rule and proof of concept generation pipeline from most WordPress Plugin CVE advisories the minute they are announced.

on
How I built a system to automate the WAF rule and proof of concept generation pipeline from most WordPress Plugin CVE advisories the minute they are announced.

I appreciate and realize this could be considered a controversial topic.

Whether we like it or not, AI is being utilized by threat actors to do this streamlined process already. For me, it was a no brainer to work it into a pipeline for an existing security firewall solution to automated WAF rule generation, working its way into defense and proof of concept within minutes of a CVE advisory for a WordPress plugin being released.

Curious to hear thoughts. Wont work for every CVE obviously, but could cover a large swath of threats where minutes count.

submitted by /u/ogrekevin
[link] [comments]


from hacking: security in practice https://ift.tt/g2nMtf1

Comments

Post a Comment