Today’s Cyber Goodreads recommendation is an article Red Canary published this week titled Using GenAI to improve security operations, which offers a look at how they use generative AI (GenAI) in their security operations. If you’re not familiar with Red Canary, they are a top-tier provider in the managed detection and response space. I’ve learned a lot from and followed their content for quite a few years now. I originally came across them via their excellent training on MITRE ATT&CK. I’ve used their Atomic Red Team adversary emulation tool, and now I follow their blog for its in-depth cyber threat detection content.
Their article hit home for me for two big reasons. The first one is that it strikes me as a great approach that could serve as a model for how to integrate and leverage AI and machine learning in a cybersecurity team. Or at least something to aspire to, with plenty of great food for thought.
The second reason ties in with my thoughts on being an AI Optimist, a believer in the idea that GenAI in “copilot” mode will make us more effective in our work and will augment our abilities, not steal our jobs (at least in my field within cybersecurity).
Red Canary’s post has a very optimistic tone on AI in general. Here’s one slice of it that speaks to that:
“We’ve been experimenting with generative AI (GenAI) since early 2023, and we’re confident that when applied discerningly it will be more of a boon for defenders than for adversaries.”
My favorite parts of the article describe how tasks are allocated to GenAI and to Red Canary’s security team:
“GenAI agents are essentially bots powered by LLMs. A GenAI agent receives a prompt, breaks down complex tasks into sequenced subtasks, can make external API calls to complete subtasks, and then responds to the prompt. Qualitatively, GenAI agents help our experts both get to the fun part—making a decision informed by security-relevant data—faster, and spend a higher percentage of their day doing the fun part.”
^^^ That’s a lovely diagram that feels like a perfect example of GenAI in copilot mode. Here’s the article link:
Interesting, thanks for sharing!