After five years as open source champions, Cal.com is going closed source. This wasn’t an easy decision, but in the age of AI-driven security threats, protecting customer data has to come first. Cal.diy will continue as an open option for hobbyists.

  • the_crotch@sh.itjust.works
    6 days ago

    If AI scanning code for vulns is the problem, why don’t the developers have AI scan their code for vulns before release?

    • Deebster@infosec.pub
      6 days ago

      They do give a clue as to a reason/excuse why not in the article:

      “Each [AI security] platform surfaces different vulnerabilities, making it difficult to establish a single, reliable source of truth for what is actually secure.”

      Also, they come up with so many false positives that it’s a huge job to check over the reports for something usable.

      • Ledivin@lemmy.world
        6 days ago

        That’s literally just pen testing, though. You search through tons of holes just to find the tunnel you were going down was blocked and not an issue.

    • unmagical@lemmy.ml
      6 days ago

      I asked this at my company-wide security training session. The answer I received was that 0 days are hard to detect, which is what makes them dangerous. Well duh, you just told me criminals were using currently available open source AI tools to find them. A total non-answer was provided.

      So I just used the company-mandated AI to scan our source code for vulnerabilities and patched the 2 it found.