作者在渗透测试工作中发现,即使目标企业配备了付费WAF、多层防护和专职安全团队,LLM驱动的自动化攻击代理仍能以极低成本(每小时不到1美元API费用)持续发现高危漏洞。传统封禁机制(如返回403错误)对AI代理无效,反而为攻击者提供了防御盲区的信息。为此,作者开发了VeilGate——一种欺骗型反向代理,它不直接封禁可疑流量,而是通过协议指纹、行为信号和在线机器学习对请求进行评分:合法流量正常转发,可疑流量触发浏览器工作量证明挑战,高置信度的AI代理流量则被引入蜜罐层,使其与伪造的应用环境交互,从而保护真实应用。
An engineer describes the shift from 2025 to 2026, where AI agents are now reliable enough to write entire PRs, diagnose most bugs, and handle testing and setup tasks. He avoids using LLMs for public communication like PR descriptions or Slack messages, and emphasizes finding the right balance between over- and under-utilizing agents.