Overview
- Google has released its first public list of 20 open-source vulnerabilities discovered by Big Sleep, with technical details withheld until patches are applied under its 90-day disclosure policy.
- Big Sleep autonomously detects and reproduces flaws before human experts validate reports to ensure accuracy and mitigate hallucinations.
- The AI agent recently identified and thwarted a critical zero-day SQLite vulnerability rated 7.2 on the CVSS scale, preventing potential in-the-wild exploits.
- Developed by DeepMind and Project Zero, Big Sleep accelerates high-volume testing to free human researchers for strategic cybersecurity tasks.
- Google will present deeper analysis at Black Hat USA followed by DEF CON 33 and contribute anonymized training data to the Secure AI Framework.