All things are born of each other. The generative artificial intelligence represented by ChatGPT provides a new solution to the once difficult problems in the field of network security, and also brings worrying security problems.
The emergence of contradictions means that a new breakthrough is about to be born. For network security vendors, how to actively apply GPT technology to solve new problems encountered in the process of technology development on the basis of ensuring data security and compliance is a compulsory topic for business breakthroughs.
On May 30, the "CSA ChatGPT Security Seminar" hosted by Cloud Security Alliance Greater China and undertaken by domestic first-line security vendors and other units was held online.
The translated CSA white paper "Security Impact of ChatGPT" was released at the meeting. The white paper highlights the potential of GPT technology to improve productivity and change software development practices, while also pointing out the challenges of distinguishing its legitimate from illegitimate uses.
Viewpoint one
The continuous upgrade of offensive and defensive confrontation requires intelligence to fight intelligence
At present, attackers have used AI large models to quickly build attack tools, whether they are mining code vulnerabilities, generating attack scripts for vulnerabilities, or generating phishing emails and social engineering chat replies in batches. When the offensive and defensive confrontation continues to escalate, it is believed that "intelligence against intelligence" is the future development direction.
With high-quality enterprise-level data training, self-developed large-scale model "Security GPT" in the security vertical field , empowering security products and services, and greatly improving the ability to detect unknown and advanced threats.
After testing with 50 million sample data, compared with traditional detection engines, XDR, a manufacturer that enables secure GPT technology, has a detection rate of 95.7% for attack bypassing techniques, and a false alarm rate (the proportion of wrong judgments in security alerts) is only 4.3% .
point of view two
The application of GPT technology will become the core productivity and competitiveness of security vendors
The security GPT developed by a certain manufacturer is trained by "large model algorithm + threat intelligence + security knowledge" . In order to prevent the risk of being induced by wrong answers provided by the large language model, a certain manufacturer also made a lot of fine-tuning through the small model, so that it has both generalized detection capabilities and high-quality attack interpretation capabilities .
This is a technological leap brought about by the large model, and it also brings core productivity and competitiveness to security vendors.
A certain manufacturer took the lead in the practice of GPT technology application in the domestic security field, and realized the first show demonstration, showing the following capabilities:
1. Significantly improve the security detection effect on traffic and logs.
2. Automatically analyze the user's security status and generate disposal suggestions.
3. Automated investigation, analysis, research and judgment to improve the efficiency of security operations.
4. Natural language interaction improves user experience and reduces professional requirements for operators.
Point three
To embrace big models, we need to fully embrace cloudification
In order to make good use of large-scale model technology, the security industry needs to be more open, interconnected, and fully embrace cloudification.
The implementation of a manufacturer's AI technology architecture on the user side relies on the advanced system of "open platform + leading components + cloud services" . Through the open platform, enjoy the ability of cloud online and massive data; through leading components, capture rich data at the attack site, and protect it based on cloud and local models; and then provide 7*24h online services through cloud services reveal all the details.
A manufacturer's secure GPT technology is applied to the XDR platform. The platform has cloud-based delivery capabilities, built-in linkage capabilities with a large number of components, convenient delivery, and out-of-the-box use.
In the face of the application of GPT technology, a certain manufacturer has taken a small step to try. Under the background that complex attacks have become the new normal, GPT technology is used to build a new paradigm of security construction. Reduce work costs and increase efficiency, and improve the safety baseline of users in various industries.
Adhering to the development strategy of AI First, a certain manufacturer will explore and solve more problems in the application of GPT technology. I believe that in the near future, all security products and services of a certain manufacturer will be connected to secure GPT to achieve truly intelligent security and help every user "one step ahead in security".
For the pdf download address, see: 2023 Latest CSA Symposium - ChatGPT Security Impact White Paper Download|Cotton's Blog|Cotton's Blog