Anthropic × Mozilla Joint Research
LLM's Potential to Perform Actual Security Researcher Role

As large language models (LLMs) demonstrate the ability to find software security vulnerabilities, the prospect of structural change in the cybersecurity industry is being raised. A recent joint study by Anthropic and Mozilla is drawing attention as a case showing that AI has reached the point of performing the work of an actual security researcher.

According to the research, Anthropic's latest model, Claude Opus 4.6, found 22 security vulnerabilities in Mozilla Firefox's code in just two weeks. Of these, 14 were classified as high severity. That corresponds to roughly 20% of the high-severity vulnerabilities fixed in Firefox over the whole of 2025. The researchers concluded that these results suggest AI can be used as an actual security researcher rather than merely a code-assistance tool.

The research team chose Firefox as the test target. Firefox is a complex code base of hundreds of millions of lines and a global browser used by hundreds of millions of people. As a project with a long history of security review, it is also a credible test target. Because web browsers execute untrusted code and content from the internet, vulnerabilities in them are especially dangerous.

The team first ran an experiment reproducing past Firefox vulnerabilities (CVEs). The Claude model succeeded in reproducing a significant number of vulnerabilities that human researchers had found earlier. To rule out the possibility that the model already knew those vulnerabilities from its training data, however, the team then ran an experiment to find new vulnerabilities in the latest Firefox code.

In this experiment the AI found its first vulnerability in roughly 20 minutes: a use-after-free memory error in Firefox's JavaScript engine. This class of bug is dangerous because it can give an attacker a way to manipulate the program's memory.
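To make the bug class concrete, here is an added illustration (not code from the study, from Firefox, or from Anthropic) of the use-after-free pattern in a constructed, engine-style object model: an observer keeps a reference to an object that its owner destroys while a callback is running. The vulnerable version stores a raw pointer and reads freed memory; the hardened version makes ownership explicit with `std::shared_ptr` and gives observers a `std::weak_ptr` that must be locked before use, so a freed object yields a deterministic failure path instead of a dangling read. The `Node`, `RawListener` and `WeakListener` types are hypothetical and exist only for this example.

```cpp
#include <memory>
#include <string>
#include <utility>

// Constructed model: an owner holds Nodes, and a listener keeps a reference
// to one Node while a script-driven callback runs. Hypothetical types only.
struct Node {
    std::string name;
    explicit Node(std::string n) : name(std::move(n)) {}
};

// --- Vulnerable pattern (only run under AddressSanitizer to observe it) ---
// The listener stores a raw pointer. When the owner destroys the node during
// the callback, the pointer dangles and the later read is a use-after-free.
struct RawListener {
    Node* target = nullptr;
};

std::string vulnerableDispatch() {
    Node* node = new Node("body");
    RawListener listener{node};
    delete node;                   // owner frees the node mid-callback
    return listener.target->name;  // UAF: ASan reports heap-use-after-free
}

// --- Hardened pattern ---
// The owner holds a shared_ptr; observers hold a weak_ptr and must lock()
// before use, so a freed node is detected instead of dereferenced.
struct WeakListener {
    std::weak_ptr<Node> target;
};

// freeDuringCallback simulates the owner releasing the node while the
// listener still holds its reference.
std::string hardenedDispatch(bool freeDuringCallback) {
    auto node = std::make_shared<Node>("body");
    WeakListener listener{node};
    if (freeDuringCallback) {
        node.reset();  // last owner drops the node; memory is released
    }
    if (auto alive = listener.target.lock()) {
        return alive->name;  // node still owned: safe to use
    }
    return "<node gone>";    // deterministic, memory-safe failure path
}
```

The vulnerable function is included for comparison and should be exercised only in a sanitizer build (for example `-fsanitize=address`), where the dangling read is reported as `heap-use-after-free`; the hardened function is the one to call in normal use.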

Anthropic researchers validated the discovered vulnerabilities in a virtual environment and, after further validation by two internal security researchers, reported them to Mozilla's bug tracker, Bugzilla. While the team was still validating, however, the Claude model had already found more than 50 additional crashing inputs.

In total the team analyzed roughly 6,000 C++ files and filed 112 bug reports. A significant number have already been fixed in Firefox version 148, and the remaining vulnerabilities are scheduled to be resolved in future updates.

The team also found a gap between the AI's ability to discover vulnerabilities and its ability to attack with them. When Claude was asked to write working exploit code for the vulnerabilities it had found, the attack succeeded only twice in hundreds of attempts. For now, AI is markedly stronger at vulnerability detection than at exploitation.

The experiments cost roughly $4,000 in API fees, showing that AI can carry out large-scale vulnerability discovery at relatively low cost.

The research points to three structural changes in the cybersecurity industry. The first is a dramatic increase in the speed of vulnerability discovery. Skilled security researchers used to spend long periods analyzing code to find a vulnerability; AI can analyze thousands of files at once and repeat automated testing.

The second is that, at the current level of the technology, defenders hold the advantage. Because AI's ability to find vulnerabilities exceeds its ability to exploit them, a 'defender's window' exists in which developers can find and fix vulnerabilities first.

The third is the prospect of AI-driven automatic patching. The team presented the concept of a 'patching agent' that discovers a vulnerability, writes the corrective code, and validates it with tests. In particular, a 'task verifier' that automatically checks whether an AI-written patch actually removes the vulnerability without breaking program functionality was presented as the core technology.

The same technology carries new dangers, however. Vulnerability detection capabilities that help security researchers and software vendors can equally be used by hackers, cybercrime groups, and state-sponsored hacking organizations. The researchers also warned that if language models' attack capabilities grow, additional safeguards will be needed.

The research confirmed that in some domains AI already shows vulnerability detection capabilities surpassing human researchers. At the same time, the technology is dual-use: it can change the structure of software security, cyber warfare, and digital infrastructure alike.

One important question remains. Will AI become a powerful tool for security researchers, or a new tool for hacking? The answer depends not on the technology itself but on who uses it and how.