You just haven't suggested a single solution that achieves the same level of risk reduction as AI driven end-to-end exploit generation.

You claim static analysis does the job, but you haven't backed it up with any proof that it works across large diverse codebases. Meanwhile, we have proof that AI works at least somewhat, here and now.