Last Updated on May 12, 2023
One of the main reasons I attended the recent RSA Conference (RSAC) 2023 in San Francisco was to check out up-and-coming AI-based solutions for proactive cybersecurity. Pivot Point Security has been pushing this envelope in several ways and I wanted to compare notes with the experts.
Hoping the good guys will win
My takeaway from many interesting conversations is that all the energy behind AI and machine learning (ML) puts earlier and more precise detection of security incidents on the near horizon.
Because of the increasing benefits this technology will bring as it continuously improves, I tend towards optimism that the white hats will ultimately get more overall advantage from AI than the cyber criminals. But plenty of people disagree with me on that.
Intriguing new use cases
Several interesting ML use cases for large language models (LLMs) were being demo’d and discussed at the conference. One cool and potentially very helpful approach seeks to automatically group potentially related events from across the environment into a “portrait” of an incident.
Another interesting LLM idea attempts to do natural language processing of cybersecurity queries. Say you’re worried about a one-time password (OTP) bot attack. With existing tools, you might search for indicators for compromise, which requires knowing the query syntax and what field that data might be stored in. Or you might look at ports a bot is known to communicate on. Or whether it was communicating with its command-and-control via an FQDN or IP address… In short, a time-consuming effort requiring significant expertise.
With natural language processing your query could be “Is there evidence of an OTP bot in my environ ..
Support the originator by clicking the read the rest link below.
