https://windshock.github.io/en/tags/ai-security/Recent content in AI Security on After the CodeHugo -- 0.145.0en-USFri, 01 May 2026 00:00:00 +0000https://windshock.github.io/en/post/2026-05-01-security-assessment-as-development-process/Fri, 01 May 2026 00:00:00 +0000https://windshock.github.io/en/post/2026-05-01-security-assessment-as-development-process/AI-era security assessment is not primarily about reducing outsourcing cost. It is about embedding repeatable verification into the development process while separating automation candidates from human judgment.https://windshock.github.io/en/post/2026-04-30-ai-slop-vulnerability-triage/Thu, 30 Apr 2026 00:00:00 +0000https://windshock.github.io/en/post/2026-04-30-ai-slop-vulnerability-triage/AI lowers the cost of finding vulnerability candidates, but it also increases low-quality reports, duplicates, and false positives. In the AI slop era, triage quality becomes the core security operation.https://windshock.github.io/en/post/2026-04-29-after-cve-response-ai-vulnerability/Wed, 29 Apr 2026 00:00:00 +0000https://windshock.github.io/en/post/2026-04-29-after-cve-response-ai-vulnerability/AI-era vulnerability response cannot wait for a CVE number. Pre-CVE signals such as issues, commits, PoCs, write-ups, and patch traces now have to be mapped against internal exposure earlier.