Capital One releases VulnHunter, an open-source AI tool that finds software flaws before hackers do
Capital One on Thursday released VulnHunter, an open-source, agentic AI security tool that scans source code for exploitable vulnerabilities, maps out how an attacker would reach them, and proposes targeted fixes — all before a single line ships to production. The tool, built internally and now available on GitHub under an Apache 2.0 license, is one of the most ambitious attempts by a major financial institution to turn offensive AI capabilities into a public defensive resource.
The move marks a striking philosophical turn for a company still defined, in many boardrooms, by a 2019 data breach that compromised the personal information of roughly 106 million people across the United States and Canada and ultimately cost the bank an $80 million federal fine.
Capital One is not simply releasing another vulnerability scanner. VulnHunter introduces what the company calls an "attacker-first forward analysis" — a workflow in which...
Copyright of this story solely belongs to venturebeat.com. To see the full text click HERE