64% of Surveyed Whitehats Find ChatGPT Lacks Accuracy in Identifying Security Vulnerabilities - Immunefi

cryptonews.com:

While most surveyed whitehats used ChatGPT in Web3 security and found it has potential, they've noted concerns around its ability to identify security vulnerabilities, according to a report by the bug bounty and security services platform Immunefi.

OpenAI released its artificial intelligence chatbot ChatGPT in November 2022. Within two months, it reached 100 million users - but as its user base grew so did concerns about security, privacy, and ethics.

165 of the most active whitehats in the Web3 security community participated in Immunefi's survey conducted in May 2023, the platform told Cryptonews. The newly released 'ChatGPT Security Report' was built in June.

The adoption of ChatGPT among whitehats is relatively high, the report found. 76.4% of the respondents used the technology, while 36.7% incorporated it into their daily workflow.

As for use cases, 74% said that the novel technology is best suited for educational purposes. 

Notably, the report stated that,

"While smart contract auditing [60.6%] and vulnerability discovery [46.7%] are regarded by the community as particular use cases, in turn, the most commonly cited concerns were limited accuracy in identifying security vulnerabilities [64.2%], lack of domain-specific knowledge [61.2%], and difficulty in handling large-scale audits [61.2%]."

Per the report, 76.4% of the whitehats reported using ChatGPT for security practices. 

Rating their level of confidence in ChatGPT's ability to identify Web3 security vulnerabilities, 35% said they were moderately confident, 29% were somewhat confident, and 26% were not confident.

52% said that the general use of ChatGPT presents security concerns, including phishing, scams, social engineering, and ransomware and malware development.

Th