ADVERTISEMENT
Existing guardrails don’t prevent ChatGPT from serving up emails that could be exploited for social engineering—for instance, an email to your “uncle” that you haven’t talked to in years, said Mike Parkin, senior technical marketing engineer at Tel Aviv, Israel-based vulnerability management vendorVulcan Cyber. “The guardrails are there, but if I’m at all clever, I can get around those guard- rails,” Parkin said. In response, a number of security vendors have released tools that can help to combat the threat of GenAI-powered email attacks. San Francisco-based Abnor- mal Security’s CheckGPT tool focuses on detecting attacks that were created using Large Language Models, tapping into multiple open-source LLMs to determine the likelihood that an email message was created with the help of GenAI. Phishing detection vendor SlashNext, meanwhile, offers capabilities powered by its own GenAI technology, aimed at blocking email-based attacks that are created by ChatGPT and other GenAI apps. At a time when malicious actors clearly have much to gain from apps such as ChatGPT, the team at Pleasanton, Calif.-based SlashNext believes that “you have to fight AI with AI,” said CEO Patrick Harr. In the cybersecurity industry as a whole, vendors have been moving aggressively to add GenAI-powered capabilities into their tools for cyber defense. Among the first was SentinelOne, which debuted a GenAI-powered threat hunting tool, dubbed Purple AI, in April. The tool provides the ability to use natural language to query a system, offering a massive time savings to analysts and allowing security teams to respond to more alerts and catch more attacks, according to the MountainView, Calif.-based company. Purple AI essentially “takes any entry-level analyst and makes them a ‘super analyst,’” SentinelOne co-founder and CEO TomerWeingarten told CRN . In May, CrowdStrike unveiled Charlotte AI, which the Austin, Texas-based company calls a “generative AI security analyst” that can dramatically boost productivity and effectiveness for Security Operations Center (SOC) teams. “The way we think about this technology is to help accelerate the decision-making and help present the information to the SOC analysts to be able to move very quickly,” CrowdStrike President Michael Sentonas told CRN . Looking ahead, Santa Clara, Calif.-based PaloAlto Networks aims to use GenAI in a way that will “solve the real hard problems,” ultimately going far beyond “superficial” applications for security, Chief Product Officer Lee Klarich told CRN . “What we’re doing is looking at what are those hard problems we want to go solve? How do we architecturally approach that and leverage these new AI tech- nologies to help us get there?” Klarich said. “It will be different than just a little box in the corner of the UI [user interface] where you can type in something, and you get a [response].” There’s no question that many implications of GenAI for security still have yet to be revealed, experts told CRN . Utilization of threat intelligence and management of vulnerabilities are just two examples of areas that should see profound improvements from using GenAI, according to Robert Boyce, a managing director and global lead for cyber resil- ience services at Dublin, Ireland-based Accenture. With threat intelligence, rather than having to read every report individually, security analysts in the future will likely be able to pull and correlate the data across reports to rapidly get a unified picture, Boyce said. And for management of vulnerabilities, it’s probable that GenAI will be able to help prioritize which patches need to be deployed first—and potentially even automate the deployment of those fixes, he said. The use of GenAI for automating more of these actions in security “is something that I’m really interested in,” Boyce said. In a world where attackers always seem to have the advantage, “that would make a tangible difference.”
27
OCTOBER
Made with FlippingBook - professional solution for displaying marketing and sales documents online