Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Generative AI in Cybersecurity: Rise of the Mac...

Generative AI in Cybersecurity: Rise of the Machines?

In recent years, generative artificial intelligence (AI), especially Large Language Models (LLMs) like ChatGPT, has revolutionized the fields of AI and natural language processing. From automating customer support to creating realistic chatbots, we rely on AI much more than many of us probably realize. The AI hype train definitely reached full steam in the last several months, especially for cybersecurity use cases, with the release of tools such as Stable Diffusion, Midjourney, DALL-E, ChatGPT / GPT-3.5 / GPT-4. Unfortunately, almost all of this attention focuses on the potential negative impacts of AI, while ignoring beneficial use cases to help organizations defend their networks. As we know, disasters almost always make for better primetime news viewing than cute puppies, and most of these articles have big “if it bleeds, it leads” energy. But is all this negative hype warranted? Let's examine a few concrete use cases and find out!

[As presented during the SANS AI in Cybersecurity Summit 2023]

David J. Bianco

May 31, 2023
Tweet

More Decks by David J. Bianco

Other Decks in Technology

Transcript

  1. © 2 0 2 3 S P L U N

    K I N C . Generative AI in Cybersecurity Rise of the Machines? David J. Bianco Staff Security Strategist SURGe by Splunk @DavidJBianco @[email protected]
  2. © 2 0 2 3 S P L U N

    K I N C . > David Bianco | Staff Security Strategist, SURGe q 20+ years of experience in incident detection & response, threat hunting, CTI, and other Blue-team topics q SANS Certified Instructor q Creator of the Pyramid of Pain & Hunting Maturity Model q Terrible at introducing myself
  3. © 2 0 2 3 S P L U N

    K I N C . The AI (Hype?) Train ALLL ABOAAARD! Source: Midjourney
  4. © 2 0 2 3 S P L U N

    K I N C . According to the media, we’re doomed! If we bleed, it leads Source: Harvard Business Review Source: ZD Net Source: CSO/IDG
  5. © 2 0 2 3 S P L U N

    K I N C . New tech always freaks people out But then we adapt and figure out how it benefits us as well Source: Public Domain Source: Public Domain
  6. © 2 0 2 3 S P L U N

    K I N C . Fear: AI will take our jobs Humans will always be integral to the process Source: Infosecurity Magazine Source: NSA :Source Public Domain
  7. © 2 0 2 3 S P L U N

    K I N C . Fear: AI will write undetectable malware Maybe, but ”no code” has been around for a while Source: Forcepoint Source: VirusTotal Source: Forcepoint
  8. © 2 0 2 3 S P L U N

    K I N C . Fear: AI will create perfect phish Phishing is already pretty sophisticated Source: CNet
  9. © 2 0 2 3 S P L U N

    K I N C . Fear: AI will create perfect phish Phishing is already pretty sophisticated Source: itgovernance.eu
  10. © 2 0 2 3 S P L U N

    K I N C . Fear: AI will create perfect phish Phishing is already pretty sophisticated Source: Wired
  11. © 2 0 2 3 S P L U N

    K I N C . Why the freak-out? Genevieve Bell may have the answer Time • AI is available 24/7/365, with no need to rest Space (??) • Virtual spaces • Increased malicious traffic People • Is this intelligence Artificial or Natural? New tech creates “moral panic” when it affects our relationships with:
  12. © 2 0 2 3 S P L U N

    K I N C . AI is augmentation, not annihilation Maybe it can help bridge the “skills gap” Source: David J. Bianco & ChatGPT
  13. © 2 0 2 3 S P L U N

    K I N C . Conclusion AI could be a great opportunity for us, if we are careful Source: Arild Vågen Source: Midjourney Source: Midjourney
  14. © 2 0 2 3 S P L U N

    K I N C . Generative AI in Cybersecurity Rise of the Machines? David J. Bianco Staff Security Strategist SURGe by Splunk @DavidJBianco @[email protected]