Kabir's Tech Dives
I'm always fascinated by new technology, especially AI. One of my biggest regrets is not taking AI electives during my undergraduate years. Now, with consumer-grade AI everywhere, I’m constantly discovering compelling use cases far beyond typical ChatGPT sessions.
As a tech founder for over 22 years, focused on niche markets, and the author of several books on web programming, Linux security, and performance, I’ve experienced the good, bad, and ugly of technology from Silicon Valley to Asia.
In this podcast, I share what excites me about the future of tech, from everyday automation to product and service development, helping to make life more efficient and productive.
Please give it a listen!
Kabir's Tech Dives
AI in AppSec: Strengths, Weaknesses, and Non-Determinism
Finding vulnerabilities in modern web apps using Claude Code and OpenAI Codex | Semgrep," focuses on a security research experiment conducted by Semgrep to assess the effectiveness of AI Coding Agents, specifically Anthropic's Claude Code and OpenAI Codex, in identifying vulnerabilities within real-world web applications. The research highlights that while these AI tools can find genuine security flaws, they suffer from high false positive rates and significant non-determinism, meaning they produce inconsistent results with repeated scans. Semgrep also details its comprehensive security platform, which offers various tools like static application security testing (SAST), software supply chain analysis (SCA), and secrets detection, aiming to provide more reliable and consistent code security solutions.
Podcast:
https://kabir.buzzsprout.com
YouTube:
https://www.youtube.com/@kabirtechdives
Please subscribe and share.