Finding Large Bounties with Large Language Models - Nico Waisman - ASW #351
Episode Synopsis
Software has forever had flaws and humans have forever been finding and fixing them. With LLMs generating code, appsec has also been trying to determine how well LLMs can find flaws. Nico Waisman talks about XBOW's LLM-based pentesting, how it climbed a bug bounty leaderboard, how it uses feedback loops for better pentests, and how they handle (and even welcome!) hallucinations. In the news, using LLMs to find flaws, directory traversal in an MCP, another resource for learning cloud and AI security, spreadsheets and appsec, and more!

Show Notes: https://securityweekly.com/asw-351