Tenable is developing generative AI tools to combat advanced cyber threats
Cybersecurity company Tenable’s research team is experimenting with generative artificial intelligence (AI) applications like ChatGPT, a large language model trained by AI lab OpenAI, to enhance security research, which in turn can help in combating cyber threats.
The research focuses on a set of new tools designed to help CXOs and researchers streamline reverse engineering, vulnerability analysis, code debugging and web application security, and identify cloud-based misconfigurations, Tenable researchers said in a report published on Tuesday.
These tools are now available on GitHub and demonstrate that generative AI tools like ChatGPT have a valuable role to play in defensive use cases, particularly when it comes to analysing code and translating it into human-readable explanations so that defenders can better understand how the code works and its potential vulnerabilities.
The development comes at a time when mounting concerns over the unintended consequences of unregulated AI have been voiced by the security experts and government agencies in India and worldwide. Needless to say, the introduction of OpenAI’s ChatGPT language-based AI engine in November last year has become a central focus for businesses and society at large as the adoption curve continues to expand at a dramatic pace.
“The complexity of modern-day cyber-attacks has opened up new avenues for generative AI to make a significant impact in cybersecurity research,” said, Ray Carney, Director of Security Response and Zero Day Research at Tenable. He added that the company has “already leveraged AI tools to reduce the labour-intensive and complex work of identifying vulnerabilities, which has increased productivity and enabled them to work more effectively”.
With advanced threat detection and intelligence from trained AI models, there are many ways this emerging technology can aid defenders in India, believes Kartik Shahani, Country Manager, Tenable India.
“We’ve only scratched the surface of this generative AI journey. We expect defenders will find more innovative ways to use generative AI to strengthen their defenses,” he said.
To be sure, Tenable researchers are not the only ones to note that generative AI tools like ChatGPT can help cybersecurity professionals and researchers detect and analyse new-age threats. In February, researchers at cyber security company, Sophos, including Sophos AI’s principal data scientist Younghoo Lee, used GPT-3’s large language models to develop a natural language query interface for searching for malicious activity across Extended detection and response (XDR) security tool telemetry, detect spam emails and more.
In other words, the research indicated that generative AI has an important role to play in processing security events in the SOC, so that defenders can better manage their workloads and detect threats faster.
ChatGPT, as per researchers, can offer a faster and more efficient method for analysing data, detecting threats, and responding to incidents. By employing machine learning algorithms, ChatGPT helps security teams identify and mitigate threats more efficiently — thus reducing both the impact and cost of cyber-attacks, researchers said.