$30 off During Our Annual Pro Sale. View Details »

Generative AI in Cybersecurity: Rise of the Machines?

David J. Bianco
May 31, 2023
Technology
0
11

Generative AI in Cybersecurity: Rise of the Machines?

In recent years, generative artificial intelligence (AI), especially Large Language Models (LLMs) like ChatGPT, has revolutionized the fields of AI and natural language processing. From automating customer support to creating realistic chatbots, we rely on AI much more than many of us probably realize. The AI hype train definitely reached full steam in the last several months, especially for cybersecurity use cases, with the release of tools such as Stable Diffusion, Midjourney, DALL-E, ChatGPT / GPT-3.5 / GPT-4. Unfortunately, almost all of this attention focuses on the potential negative impacts of AI, while ignoring beneficial use cases to help organizations defend their networks. As we know, disasters almost always make for better primetime news viewing than cute puppies, and most of these articles have big “if it bleeds, it leads” energy. But is all this negative hype warranted? Let's examine a few concrete use cases and find out!

[As presented during the SANS AI in Cybersecurity Summit 2023]

David J. Bianco

May 31, 2023
Tweet

More Decks by David J. Bianco

See All by David J. Bianco
Trust Unearned? Evaluating CA Trustworthiness Across 5 Billion Certificates
davidjbianco
0
150
Five Lies & a Truth: Attacking the Defender's Dilemma
davidjbianco
0
25
Five Lies and a Truth: Attacking the Defender's Dilemma
davidjbianco
0
200
Developers: What Your Security Team Wishes You Knew (And It's Not Secure Coding!)
davidjbianco
0
120
Raising the Tide: Driving Improvement in Security by Being a Good Human
davidjbianco
0
37
Evolving the Hunt: A Case Study in Improving a Mature Hunt Program
davidjbianco
0
920
Quality Over Quantity: Determining Your CTI Detection Efficacy
davidjbianco
1
350
Quality over Quantity: Determining Your CTI Detection Efficacy
davidjbianco
0
260
Introduction to Data Analysis with Security Onion (and Other Open Source Tools)
davidjbianco
0
1.2k

Other Decks in Technology

See All in Technology
eBPF for the rest of us - Golab 2023
fedepaol
0
270
ExaDB-D dbaascli で出来ること
oracle4engineer
PRO
0
1.1k
EventStormingとRDRA2.0で大規模レガシーシステムのフルリニューアルPJに挑む
leveragestech
0
520
DMBOKを参考にしたデータマネジメントの取り組み
ttccddtoki
3
1k
DMMオンラインサロン エンジニア採用資料/ for-software-engineers
onlinesalon
0
3.6k
Java Language Future
chiroito
4
1.1k
技術コミュニティ参加のすすめ
minorun365
PRO
4
270
Garoon 開発チーム / Garoon development team
cybozuinsideout
PRO
0
2.2k
つくばチャレンジ2023EX with PLATEAU@つくばセンター広場課題コース
tsukubachallenge
0
130
(JSConf JP 2023) LLM (大規模言語モデル) 全盛時代の開発プラクティス
baseballyama
8
3.6k
Intlの今までとこれから
sajikix
7
2.7k
Vertex AI Feature Store に 機械学習エンジニアが涙した 理由
asei
3
1.2k

Featured

See All Featured
Dealing with People You Can't Stand - Big Design 2015
cassininazir
352
21k
Code Review Best Practice
trishagee
53
14k
Infographics Made Easy
chrislema
236
17k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
152
14k
The Mythical Team-Month
searls
214
41k
Art, The Web, and Tiny UX
lynnandtonic
286
19k
Raft: Consensus for Rubyists
vanstee
130
6k
From Idea to $5000 a Month in 5 Months
shpigford
376
45k
Making Projects Easy
brettharned
105
5.2k
Designing the Hi-DPI Web
ddemaree
274
33k
A designer walks into a library…
pauljervisheath
199
19k
GraphQLの誤解/rethinking-graphql
sonatard
45
8.7k

Transcript

  1. © 2 0 2 3 S P L U N K I N C .
    Generative AI in
    Cybersecurity
    Rise of the Machines?
    David J. Bianco
    Staff Security Strategist
    SURGe by Splunk
    @DavidJBianco
    @[email protected]

    View Slide

  2. © 2 0 2 3 S P L U N K I N C .
    > David Bianco | Staff Security Strategist, SURGe
    q 20+ years of experience in incident
    detection & response, threat hunting,
    CTI, and other Blue-team topics
    q SANS Certified Instructor
    q Creator of the Pyramid of Pain & Hunting
    Maturity Model
    q Terrible at introducing myself

    View Slide

  3. © 2 0 2 3 S P L U N K I N C .
    The AI (Hype?) Train
    ALLL ABOAAARD!
    Source: Midjourney

    View Slide

  4. © 2 0 2 3 S P L U N K I N C .
    According to the media, we’re doomed!
    If we bleed, it leads
    Source: Harvard Business Review
    Source: ZD Net
    Source: CSO/IDG

    View Slide

  5. © 2 0 2 3 S P L U N K I N C .
    New tech always freaks people out
    But then we adapt and figure out how it benefits us as well
    Source: Public Domain Source: Public Domain

    View Slide

  6. © 2 0 2 3 S P L U N K I N C .
    Fear: AI will take our jobs
    Humans will always be integral to the process
    Source: Infosecurity Magazine
    Source: NSA :Source Public Domain

    View Slide

  7. © 2 0 2 3 S P L U N K I N C .
    Fear: AI will write undetectable malware
    Maybe, but ”no code” has been around for a while
    Source: Forcepoint
    Source: VirusTotal
    Source: Forcepoint

    View Slide

  8. © 2 0 2 3 S P L U N K I N C .
    Fear: AI will create perfect phish
    Phishing is already pretty sophisticated
    Source: CNet

    View Slide

  9. © 2 0 2 3 S P L U N K I N C .
    Fear: AI will create perfect phish
    Phishing is already pretty sophisticated
    Source: itgovernance.eu

    View Slide

  10. © 2 0 2 3 S P L U N K I N C .
    Fear: AI will create perfect phish
    Phishing is already pretty sophisticated
    Source: Wired

    View Slide

  11. © 2 0 2 3 S P L U N K I N C .
    Why the freak-out?
    Genevieve Bell may have the answer
    Time
    • AI is
    available
    24/7/365,
    with no
    need to
    rest
    Space (??)
    • Virtual
    spaces
    • Increased
    malicious
    traffic
    People
    • Is this
    intelligence
    Artificial or
    Natural?
    New tech creates “moral panic” when it affects our relationships with:

    View Slide

  12. © 2 0 2 3 S P L U N K I N C .
    AI is augmentation, not annihilation
    Maybe it can help bridge the “skills gap”
    Source: David J. Bianco & ChatGPT

    View Slide

  13. © 2 0 2 3 S P L U N K I N C .
    Conclusion
    AI could be a great opportunity for us, if we are careful
    Source: Arild Vågen Source: Midjourney Source: Midjourney

    View Slide

  14. © 2 0 2 3 S P L U N K I N C .
    Generative AI in
    Cybersecurity
    Rise of the Machines?
    David J. Bianco
    Staff Security Strategist
    SURGe by Splunk
    @DavidJBianco
    @[email protected]

    View Slide