The hype around artificial intelligence maybe disappearing But its impact on defense strategy, red teaming and other aspects of cybersecurity could be long-lasting, security experts say.
Large language models are estimated to have the potential to reduce threat analysis by up to 80%. Vicente Diaz (pictured), threat intelligence strategist at VirusTotal, a collaborative threat intelligence platform acquired by Google LLC.
“There’s a lot of talk about AI, but in reality, it works for different domains,” Diaz said. “We’re making progress. Of course, we haven’t solved the security problem yet, but we’re making everyone’s life easier. In this case, we’re looking at how LLMs can help us analyze malware binaries, reverse engineer them, which basically means spending a lot of time and needing a lot of expertise to understand what the malware is doing. And if an LLM can do that for us, that’s a big step forward.”
Diaz spoke to CUBE Research John Fourier And Savannah Peterson has mWISE 2024during an exclusive broadcast on theCUBE, SiliconANGLE Media’s live streaming studio. They discussed AI’s contributions to security infrastructure and code generation. (*Disclosure below.)
AI Transforms Red Teaming and Threat Testing
Cybersecurity is we are currently experiencing the first wave of use cases for LLMs. This includes identifying malware behavior and analyzing key parts of its code.
“Everything you need to do for these spend tests, for this red team, you can leverage it to have the LLMs create codes so that you can analyze the staff and give you the best way to go about it to give you an answer to something that is not trivial,” Diaz said. “And little by little, we’re getting to the point where they’re able to orchestrate everything for us and come up with answers to complex questions… We can hope to be able to fully automate this to some extent in the future. Maybe we can have a constant, scalable red team exercise.”
Social engineering attacks are among the most common threats, and Diaz says security teams are still working on the amount of data generated for malicious purposes. He stresses that the human factor remains crucial to cybersecurity, and our exact role in the process will likely evolve as AI becomes more sophisticated.
“Artificial intelligence was a boring thing, but it had more to do with mathematics,” he said. “And now you see the real implications that are like magic… We had constraints in the past. One of the biggest ones was the size of the questions we could use. Now that that’s changing and LLMs are evolving very quickly, we don’t have those constraints anymore… Because of all this, we’re starting to get better and better results.”
Here’s the full video interview, part of SiliconANGLE and theCUBE Research’s coverage of mWISE 2024:
(*Disclosure: Google Cloud Security sponsored this segment of theCUBE. Neither Google Cloud Security nor other sponsors have editorial control over the content of theCUBE or SiliconANGLE.)
Photo: SiliconANGLE
Your vote of support is important to us and helps us keep the content FREE.
Clicking below supports our mission to provide free, in-depth and relevant content.
Join our community on YouTube
Join the community of over 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies Founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.
THANK YOU