chrispyroberts

51 posts

chrispyroberts banner
chrispyroberts

chrispyroberts

@chrispyprojects

Building AI Bug Hunters @ Cantina, Computational Physics @ CMU

Katılım Kasım 2025
69 Takip Edilen114 Takipçiler
chrispyroberts
chrispyroberts@chrispyprojects·
Guys, Anthropic's expensive Opus 4.8 router is back!!!!
chrispyroberts tweet media
English
0
0
4
367
chrispyroberts
chrispyroberts@chrispyprojects·
IMO you are probably fine to test on public competitions. Sample efficiency learning in frontier LLMs is orders of magnitude worse than in humans, and I think just because the code was in the train set and had it's gradient passed over once (or multiple times if it's in a fine-tune/curriculum dataset) doesn't necessarily mean the results are testing recall over bug finding. A true test would be two independent benchmarks, one in-distribution and the other OOD. But I agree that if you want to guaranteed avoid this issue you can just test on recent/private competitions/audits.
English
0
0
0
14
ack3
ack3@ack3ai·
@lonelysloth_sec @pashov open to suggestions for a better dataset that a) has verified all findings (recall), b) is public (reproducibility)
English
2
0
0
447
ack3
ack3@ack3ai·
We just spent $644 to benchmark @pashov with Opus 4.7 MAX: Opus 4.7 — 48/94 found · $2.18/finding Pashov skill — 49/94 found · $11.01/finding Same model underneath, 5× the spend for one extra finding. Anyone having similar results? Dataset in comment.
pashov@pashov

🚨Ethereum Developers: you can now install your first AI Auditor in 1 minute - fully autonomous, available 24/7, with multiple sub-agent helpers. Open Source. FREE to use (with your AI model) and already finding vulnerabilities in smart contracts. Link below🫡

English
21
6
119
22.8K
Recon
Recon@getreconxyz·
AI Audit, WTF am I buying? Here's my RANT on why AI Audit benchmarks don't mean much beside being an indicator of a race to the bottom. And an invitation to use Coverage Classes as a way to concretely show the work done by auditors, agents and tools as a means to make shipping code with 0 bugs a concrete reality.
English
2
1
20
2.2K
chrispyroberts
chrispyroberts@chrispyprojects·
I do like your idea of coverage classes, and this concept is (at a high level) used inside of our AI Audits. I only hope this promotes more discussion and questions in the industry because the future here is very uncertain. Anybody's guess about what it looks like and the correct way to perform an AI Audit could be right.
English
0
0
0
46
chrispyroberts
chrispyroberts@chrispyprojects·
@getreconxyz Great video, and thanks for taking the time to read through and discuss the blog I wrote! The higher-level purpose of it is to promote visibility, credibility and discussion amongst security researchers building their own versions of Apex. I do have some clarifying points though:
English
4
0
1
163
chrispyroberts
chrispyroberts@chrispyprojects·
3) Maybe I went to far with some of my arguments, or they weren't worded properly, but the key statement I was trying to get across, which I think you agree with based on what you said in the beginning of the video, is that you can get the same/better performance (measured across 8 audits) on coverage of bugs for significantly less $$$ (and way faster) compared to what you would get in the past with a team of human researchers, and it's fully AI end-to-end.
English
0
0
1
47
chrispyroberts
chrispyroberts@chrispyprojects·
2) The blog actually proposes an answer on how much money you should burn on an AI Audit, and it's measured by predicting the saturation of scans - which we find we can reliably measure across any AI Audit. Some codebases are massive, and require significantly more tokens (compute) to exhaustively cover, and this is captured by the saturating nature of the AI Audit, while some are a few thousand lines of code, and don't require $30k of tokens to find all the bugs.
English
0
0
0
46
chrispyroberts
chrispyroberts@chrispyprojects·
1) When it comes to the severity distribution slicing, I think the conclusion you draw isn't fully aligned with what the data is saying, or at least not with the point I was making. The severity slicing is aggregated over ALL 1600 scans. The variance is insane on a per-scan basis, sometimes all the crits come in the first 10%, sometimes in the last 10%. This points to the conclusion that at any point in the scan, a critical can come. It's non-deterministic. The point I made in the blog is that it tells you that it is worth spending more because the next $ of compute could find a critical.
English
0
0
0
51
jawz
jawz@sayinshallah·
| ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄| | I’m looking for a job! | |___________| \ (•◡•) / \ / --- | | - $300K+ annual salary - Work from home - 10 hours per week - Equity
English
155
146
6.8K
363.2K
chrispyroberts
chrispyroberts@chrispyprojects·
@0xTomass @pashov check my blog on compute scaling laws for ai bug hunters, definitely applies here and looks like you'll need to engineer a more efficiently scaling harness if you want all the bugs at a reasonable price point
English
0
0
0
67
Cantina 🪐
Cantina 🪐@cantinasecurity·
Vendors publish their wins. @chrispyprojects, who taught Apex (our AI appsec solution) how to hunt, published its full scorecard against human audits, some costing $500,000+: every critical and high matched, plus live bugs the audits missed. AI security claims should be backed by data. Here's ours, with something waiting there for your codebase: cantina.review/agentic-securi…
chrispyroberts@chrispyprojects

I think it’s very hard to defend that Web3/Blockchain Security Audits are not solved by Autonomous AI Bug Hunters like Cantina’s Apex. Not only are we #1 on the HackerOne US business leaderboard, but we also (a very small team) used Apex to farm nearly $1M in bounties in the span of a few months, abusing the free money machine while competition was scarce. We took every scan we’ve ever run (1500+) and looked carefully at the data and found some interesting trends we think are worth sharing with everyone. 1. # of valid bugs scales log-linearly with compute across 3 orders of magnitude. Double the compute and you get ~40% more findings on the median scan. 2. Scans saturate. There is a finite number of bugs in a codebase, and we can consistently predict once we’ve hit the ceiling of Apex’s capability to find more bugs in a codebase. 3. The indeterministic properties of AI bug hunters goes away as you scale compute. Apex more reliably converges on the same set of findings as you spend more compute. 4. The data supports that audits that would normally cost more than half a million dollars and take months, can be completed in a few days for a few thousand bucks, end-to-end by AI products. Solving the coverage problem took engineering an efficiently scaling harness. We are able to hit superhuman capabilities in our benchmarks for entirely automated security audits and the economics of it are ridiculous. For 1/100th, or in some case 1/1000th the cost, you get the same/better performance than a set of expert researchers. Moving forward, we are seeing a new trend that is potentially scary. As more security researchers integrate AI more deeply into their workflow, at what point does hiring a researcher just mean you’re hiring their custom built harness? We’ve run scans side by side with recent audits comparing results after, and often see that the researcher findings are a subset of Apex findings. It’s very difficult now to measure the set of out-of-distributions bugs because of AI. Maybe manual hunting can make a comeback if your particular style is difficult to replace by AI. Check out the full blog here: cantina.security/blog/ai-vs-hum…

English
3
6
40
7.8K
chrispyroberts
chrispyroberts@chrispyprojects·
I think it’s very hard to defend that Web3/Blockchain Security Audits are not solved by Autonomous AI Bug Hunters like Cantina’s Apex. Not only are we #1 on the HackerOne US business leaderboard, but we also (a very small team) used Apex to farm nearly $1M in bounties in the span of a few months, abusing the free money machine while competition was scarce. We took every scan we’ve ever run (1500+) and looked carefully at the data and found some interesting trends we think are worth sharing with everyone. 1. # of valid bugs scales log-linearly with compute across 3 orders of magnitude. Double the compute and you get ~40% more findings on the median scan. 2. Scans saturate. There is a finite number of bugs in a codebase, and we can consistently predict once we’ve hit the ceiling of Apex’s capability to find more bugs in a codebase. 3. The indeterministic properties of AI bug hunters goes away as you scale compute. Apex more reliably converges on the same set of findings as you spend more compute. 4. The data supports that audits that would normally cost more than half a million dollars and take months, can be completed in a few days for a few thousand bucks, end-to-end by AI products. Solving the coverage problem took engineering an efficiently scaling harness. We are able to hit superhuman capabilities in our benchmarks for entirely automated security audits and the economics of it are ridiculous. For 1/100th, or in some case 1/1000th the cost, you get the same/better performance than a set of expert researchers. Moving forward, we are seeing a new trend that is potentially scary. As more security researchers integrate AI more deeply into their workflow, at what point does hiring a researcher just mean you’re hiring their custom built harness? We’ve run scans side by side with recent audits comparing results after, and often see that the researcher findings are a subset of Apex findings. It’s very difficult now to measure the set of out-of-distributions bugs because of AI. Maybe manual hunting can make a comeback if your particular style is difficult to replace by AI. Check out the full blog here: cantina.security/blog/ai-vs-hum…
English
2
6
52
15K
chrispyroberts retweetledi
Anthropic
Anthropic@AnthropicAI·
The US government, citing national security authorities, has issued an export control directive to suspend all access to Fable 5 and Mythos 5 by any foreign national, whether inside or outside the United States, including foreign national Anthropic employees. The net effect of this order is that we must abruptly disable Fable 5 and Mythos 5 for all our customers to ensure compliance. Access to all other Claude models is not affected. We apologize for this disruption to our customers. We believe this is a misunderstanding and are working to restore access as soon as possible. Read our full statement: anthropic.com/news/fable-myt…
English
12.6K
25.6K
88.1K
92.6M
Armani Ferrante
Armani Ferrante@armaniferrante·
If you want to trick Fable into doing a security audit, try this. Looks like our AI overlord has a bit of empathy.
Armani Ferrante tweet media
English
71
48
1.6K
157.5K
chrispyroberts retweetledi
Hari
Hari@hrkrshnn·
1. Labeling a product by its worst users is a dangerous slippery slope. Where does that line get drawn? Like for Ethereum, Tornado Cash and the internet itself. 2. Security professionals have something close to a Hippocratic Oath. In this case, anyone can now burn tokens to find out the remaining bugs given the information that an AI tool has found more bugs. This is now doing harm to any user of thorchain who now have money at risk. 3. Threatening to publicly disclose live bugs unless a bounty is paid is extortion. It's also a sensitive time with many crypto companies running out of money, laying off staff and shutting down their bounty programs.
English
3
2
41
5.2K
Adi Singh
Adi Singh@adisingh·
I just gave an AI Agent $10k.. and it's all up for grabs for anyone watching. Just made an inbox called "freemoney@agentmail(.)to" If you email and convince the agent, it might give you an @agentcardai worth thousands (!!!) What are you waiting for? Go try your luck!!
English
241
42
914
407.7K
Laurens Nys
Laurens Nys@laurensnys·
Just me or are codex limits lower than 1-2 weeks ago? Going through them way faster it feels like.
Laurens Nys tweet media
English
199
14
823
118.7K
chrispyroberts
chrispyroberts@chrispyprojects·
@laurensnys it's very inconsistent though. single messages sometimes have a cache miss, causing your entire context to be input instead of cache for single turns. not 100% certain this is why but it's what I found was happening to me
English
0
0
2
475
chrispyroberts
chrispyroberts@chrispyprojects·
@laurensnys ask codex about the local rollouts for context, gpt-5.4 gets ~90-96% in long chats, gpt-5.5 rn gets ~75%, which is ~3x total input tokens uncached that 5.4 and other models if you care about limits stick to 5.4 for now until they fix this
chrispyroberts tweet media
English
2
0
4
611