---
title: "Specialists vs Generalists: How AI Will Enter the SDLC"
date: 2026-03-09
draft: false
---

https://cybersecuritynews.com/claude-ai-22-firefox-vulnerabilities/

TL;DR: Claude Opus 4.6 found 22 vulnerabilities in Firefox in two weeks, 14 of them high-severity. Firefox has been fuzzed and scanned for decades — and still missed entire classes of bugs.

Why did existing tools fail? A fuzzer throws random data at the input and waits for a crash. A static analyzer checks code against a pattern database. Both approaches are blind to bugs that can only be found by understanding the program's logic.

Claude worked differently. It read commit history, found a patch with an added bounds check — and looked for other code paths where the same check was missing. It analyzed preconditions that a fuzzer couldn’t reach in reasonable time. It understood the LZW compression algorithm in CGIF and crafted inputs that broke precisely that. This is no longer brute force — it’s expert-level code analysis.
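The commit-history step described above, turned into a scripted check a reviewer could run after any bounds-check fix: read the guard the patch adds, then flag sibling functions in the same file that index with the same variable but never compare it to the same bound. This is an added example, not code from the article or from the Firefox audit; the diff, the C source, the file name decode.c and the function names are constructed, and the matching is deliberately simple (one index variable, one bound, one file).

```python
import re

# Constructed unified diff: the fix adds a bounds check on one table lookup.
PATCH = """\
@@ -10,6 +10,8 @@ static int read_code(struct dec *d, int code)
 {
+    if (code >= d->table_size)
+        return -1;
     return d->table[code];
 }
"""

# Constructed sibling code from the same file: other paths that index the
# table with the same variable. Only the first one carries the guard.
SOURCE = """\
static int lookup_prefix(struct dec *d, int code)
{
    if (code >= d->table_size)
        return -1;
    return d->prefix[code];
}

static int lookup_suffix(struct dec *d, int code)
{
    return d->table[code];
}

static void emit(struct dec *d, int code)
{
    out_byte(d, d->table[code]);
}
"""

# An added line of the form "if (var >= bound)"; captures var and bound.
ADDED_GUARD = re.compile(r"^\+\s*if\s*\((\w+)\s*>=\s*([\w>.-]+)\)")
# A C function definition: captures its name and its body.
C_FUNC = re.compile(r"(?ms)^[\w\s*]+?\b(\w+)\s*\([^)]*\)\s*\{(.*?)^\}")


def added_guard(patch):
    """Return (index_var, bound) for the first bounds check the patch adds, or None."""
    for line in patch.splitlines():
        m = ADDED_GUARD.match(line)
        if m:
            return m.group(1), m.group(2)


def unguarded_variants(source, index_var, bound):
    """Names of functions that index with index_var but never compare it to bound."""
    uses = re.compile(r"\[\s*%s\s*\]" % re.escape(index_var))
    guard = re.compile(r"\b%s\s*>=\s*%s" % (re.escape(index_var), re.escape(bound)))
    return [name for name, body in C_FUNC.findall(source)
            if uses.search(body) and not guard.search(body)]
```

Running `unguarded_variants(SOURCE, *added_guard(PATCH))` reports `lookup_suffix` and `emit` as the paths still missing the check; a real pass would run the same idea over every file the patched symbol is used in.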

This example is interesting not on its own, but as an illustration: AI agents can already outperform existing tools in tasks that require expertise but not a deep understanding of the nuances of a specific project’s business logic. And security is not the only domain where this holds. For example:

  • performance
  • standards compliance
  • observability
  • documentation quality

What these tasks share is that expertise matters far more than domain knowledge that isn’t visible in the code itself. The agent doesn’t need to understand that a button was added due to new regulations in a particular country — it just needs to know there was no button before, and now there is.

The question is what form this expertise will take when it enters the SDLC, and there are two paths.

A generalist agent — a single tool in your IDE or cloud that writes code, finds bugs, optimizes, and documents. Cursor, Claude Code, and Copilot are moving in this direction.

Where the generalist wins:

  • project context — sees the architecture, business logic, and connections between components as a whole, not just code in a single file
  • cross-disciplinary findings — notices when a performance optimization breaks security
  • ease of adoption — one tool instead of ten subscriptions and orchestration between them

Specialized agents — each one deeply versed in a single domain. One agent is a security expert, another covers performance, a third handles documentation. They’re embedded in CI/CD, running in parallel.

Where the specialist wins:

  • depth of expertise — all resources focused on one area plus proprietary data and real-user feedback; this is a competitive advantage that a generalist struggles to replicate
  • isolation — independent update cycles; updating one agent doesn’t break the others