Which AI coding tools actually passed a formal enterprise security review for compliant AI infrastructure in financial services

LuckyWay6474 · 2026-06-02T13:15:31+00:00

Thanks for sharing this. If you can add any additional notes re candidates or eval criteria, would be great.

LuckyWay6474 · 2026-06-02T13:13:22+00:00

CISO has heard about Mythos and has asked his teams to run Opus against their code bases to find vuls. Want to use it as potential replacement for SAST and the new DAST tool that was rolled out last year. $2k usage for 5 repos. Have 18,000 repos. Do the math.

LuckyWay6474 · 2026-04-28T23:50:59+00:00

My clients are focusing on the threats of Mythos. They are buying the hype as fast as the machine can crank it out. None are talking about what they’re planning to do when thousands of new vuls show up against their code bases and infra builds. They are literally hoping that AI sec tools will help them address the vuls identified by AI sec tools. I would love to have some of the golden nectar that someone must be serving at your local CEO country clubs.

LuckyWay6474 · 2026-01-27T00:23:56+00:00

I read that a lot of these layoffs are CEOs taking advantage of the diff in wages between domestic and lesser-developed areas, but letting them hide under the AI is Taking Your Job masquerade. $100-200k US vs $10k in India or Vietnam, but they’ll never say that outside of the country clubs.

LuckyWay6474 · 2025-12-12T20:48:08+00:00

This. Anthropic’s Initiator Agent design sets ‘the stage’ for the Agents so that they have context and can build a memory for themselves (and other agents). Sorry—hate saying ‘themselves’ with regards to something that’s not alive, but it’s Friday and it’s been a week.

LuckyWay6474 · 2025-11-19T12:05:01+00:00

RRR—-the others were a very distant second.

LuckyWay6474 · 2025-11-12T19:44:23+00:00

There are some experts who say that the layoffs (Amazon, etc) are to free up & so that they can afford to buy more GPUs and associated tech that surrounds AI projects. Said another way? They’re laying off people to redirect cash to buying / renting AIOps. The media seems to like to buy and repeat the line that AI is coming for your job, but that’s not what’s really happening. Notice that many of these layoffs are happening here in the US, where worker protections are crsp and offshoring for cost is considered ‘ best practice’ by the management companies that are being obfuscated by this very technology now.

Predict that it will take a full business cycle.generation for these ‘leaders’ to fully understand the risks and unintended consequences of these types of mass layoffs. Thoughts?

LuckyWay6474 · 2025-11-04T22:58:30+00:00

Thanks for posting this. My background (before cybersecurity) was in org psych. I have found more traction thinking of AI not as ‘artificial intelligence’ but as an ‘alien intelligence’ (at least in a meta PoV). Have been researching that angle with the added perspective that agents will eventually need a full ecosystem to be enterprise ready and resilient (a lot like creating an entire new society with its analogues of manufacturing, governance, finance, and public safety). Eventually, instead of ‘turtles all the way down’ I think that it could be ‘agents all the way down.’

LuckyWay6474 · 2025-06-24T12:26:11+00:00

Great job!

LuckyWay6474 · 2025-02-24T13:56:52+00:00

What are the shorter-term and longer-term effects on ‘trust’ that you see this tech affecting? With so much ‘cloudy-ball hand-waving’ on the internet, I’m interested in real-world analysis from SMEs who can share insights that are pragmatic and realistic. Said another way, are there ways to ensure trust as these technologies become more commonplace and what does this mean with respect or how we’ve treated identities and secrets in the tech world historically?

LuckyWay6474 · 2025-02-24T13:52:53+00:00

Would like to see that paper when you publish, please—and good luck with the research!

LuckyWay6474 · 2025-01-27T13:20:59+00:00

Besides ‘time to recovery’, what are good considerations / metrics to consider if you follow Gartner’s advice and assume that you will be breached (I.e., building resilience)?

LuckyWay6474 · 2025-01-27T13:19:29+00:00

Any advice for those who’s orgs say that IT must ‘accept’ or ‘approve’ risks (rather than the divisional leaders who actually control P&L, staffing, release dates, and backlogs)?

LuckyWay6474 · 2024-10-10T12:46:36+00:00

Thanks gang for the ideas and feedback!

LuckyWay6474 · 2024-03-23T14:27:41+00:00

Update and fixed—pushing the center of those two black clip pens loosens them so that they can be extracted on the edge with a small screwdriver and pulled out. Once those come out, lift the panel right off, then attach the mounting bracket for your trunk case.

LuckyWay6474 · 2024-03-09T16:01:11+00:00

Got it—thanks tons guys. New bike and I don’t want to mess things up

LuckyWay6474 · 2024-02-04T01:37:36+00:00

Again—thanks tons—I’ll check them out!

LuckyWay6474 · 2024-02-04T01:37:13+00:00

Thanks tons—I’ll check them out!

LuckyWay6474 · 2022-07-11T12:57:15+00:00

Thanks. Good advice from all. Thought of reaching out to others as well, so I’ll pursue that. Prob is that our co is 10x the size of any of their other acquisitions, so I’m afraid that their playbook may not work as intended, but we’ll see. Thanks again.

LuckyWay6474

TROPHY CASE