AI definitely helps with bug bounty research, but agents still aren't capable beyond low-hanging fruit that most people using automation have already been able to find for many years now.
What's changed is AI slop reports. It's only changed the economics, because triagers and companies can't keep up with it, and the legitimate reports are missed/delayed.
It's very similar to the job market right now. Many people are looking for jobs, are spamming their resume to every listing they can find (made very popular on Reddit for the past couple of years). Companies can't actually sift through all of these resumes, so qualified people are passed over.
Everyone blames companies for using AI, when it has more to do with bad actors than anything else. Blame the unqualified people ruining the system for everyone.
AI definitely helps with bug bounty research, but agents still aren't capable beyond low-hanging fruit that most people using automation have already been able to find for many years now.
What's changed is AI slop reports. It's only changed the economics, because triagers and companies can't keep up with it, and the legitimate reports are missed/delayed.
It's very similar to the job market right now. Many people are looking for jobs, are spamming their resume to every listing they can find (made very popular on Reddit for the past couple of years). Companies can't actually sift through all of these resumes, so qualified people are passed over.
Everyone blames companies for using AI, when it has more to do with bad actors than anything else. Blame the unqualified people ruining the system for everyone.