Beyond Success Rate: Cost-Aware Evaluation of Offensive and Defensive Security Agents
By Paul Kassianik · Paper · cs.CR
Security-agent evaluations commonly measure peak offensive capability under generous inference budgets, emphasizing vulnerability discovery, exploit development, penetration testing, and CTF completion. Such measurements are useful but incomplete: in operational security, every r