> The demonstrated ones that they have on the red team blog are neat, the kernel chain is impressive and fun
So by your estimation, for rogue actors being able to uncover hundreds of this class in each major software product roughly for free would not be a big issue?
We must have read two different red team blogs from Anthropic if that’s what you think is happening. But let’s go ahead and assume what you’re asking at face value.
It would not be a doomsday issue as implied, no. Org security has gone far beyond static detections and “just exclude some IPs that fail to log in too much and we’re good”. SOAR exists. Behavioral analysis and monitoring exists. Layered defenses exist.
Believe it or not for those of us in security in large highly targeted companies we’ve been dealing with the potential for multiple chained 0 days for years and the processes, monitoring, and (yes, automated) response architecture is already there.
I get that this is absolutely frightening for some and that causes panic but for us this is Tuesday.
So by your estimation, for rogue actors being able to uncover hundreds of this class in each major software product roughly for free would not be a big issue?