How AI can be used in Cybersecurity Operations?

04/12/24 • 44 min

How can AI change a Security Analyst's workflow? Ashish and Caleb caught up with Ely Kahn, VP of Product at SentinelOne, to discuss the revolutionary impact of generative AI on cybersecurity. Ely spoke about the challenges and solutions in integrating AI into cybersecurity operations, highlighting how can simplify complex processes and empowering junior to mid-tier analysts.

Questions asked:

(00:00) Introduction

(03:27) A bit about Ely Kahn

(04:29) Current State of AI in Cybersecurity

(06:45) How AI could impact Cybersecurity User Workflow?

(08:37) What are some of the concerns with such a model?

(14:22) How does it compare to a analyst not using this model?

(21:41) Whats stopping models for going into autopilot?

(30:14) The reasoning for using multiple LLMs

(34:24) ChatGPT vs Anthropic vs Mistral

You can discover more about SentinelOne's Purple AI here!

Questions asked:

(00:00) Introduction

(03:27) A bit about Ely Kahn

(04:29) Current State of AI in Cybersecurity

(06:45) How AI could impact Cybersecurity User Workflow?

(08:37) What are some of the concerns with such a model?

(14:22) How does it compare to a analyst not using this model?

(21:41) Whats stopping models for going into autopilot?

(30:14) The reasoning for using multiple LLMs

(34:24) ChatGPT vs Anthropic vs Mistral

You can discover more about SentinelOne's Purple AI here!

Previous Episode

The Evolution of Pentesting with AI

How is AI transforming traditional approaches to offensive security, pentesting, security posture management, security assessment, and even code security? Caleb and Ashish spoke to Rob Ragan, Principal Technology Strategist at Bishop Fox about how AI is being implemented in the world of offensive security and what the right way is to threat model an LLM.

Questions asked:

(00:00) Introductions

(02:12) A bit about Rob Ragan

(03:33) AI in Security Assessment and Pentesting

(09:15) How is AI impacting pentesting?

(14:50 )Where to start with AI implementation in offensive Security?

(18:19) AI and Static Code Analysis

(21:57) Key components of LLM pentesting

(24:37) Testing whats inside a functional model?

(29:37) Whats the right way to threat model an LLM?

(33:52) Current State of Security Frameworks for LLMs

(43:04) Is AI changing how Red Teamers operate?

(44:46) A bit about Claude 3

(52:23) Where can you connect with Rob

Resources spoken about in this episode:

https://www.pentestmuse.ai/

https://github.com/AbstractEngine/pentest-muse-cli

https://docs.garak.ai/garak/

https://github.com/Azure/PyRIT

https://bishopfox.github.io/llm-testing-findings/

https://www.microsoft.com/en-us/research/project/autogen/

Next Episode

AI Highlights from RSAC 2024 and BSides SF 2024

Key AI Security takeaways from RSA Conference 2024, BSides SF 2024 and all the fringe activities that happen in SF during that week. Caleb and Ashish were speakers, panelists, participating in several events during that week and this episode captures all the highlights from all the conversations they had and they trends they saw during what they dubbed the "Cybersecurity Fringe Festival” in SF.

Questions asked:

(00:00) Introduction

(02:53) Caleb’s Keynote at BSides SF

(05:14) Clint Gibler’s Bsides SF Talk

(06:28) What are BSides Conferences?

(13:55) Cybersecurity Fringe Festival

(17:47) RSAC 2024 was busy

(19:05) AI Security at RSAC 2024

(23:03) RSAC Innovation Sandbox

(27:41) CSA AI Summit

(28:43) Interesting AI Talks at RSAC

(30:35) AI conversations at RSAC