There has been much discussion about how OpenAI’s ChatGPT could be misused for malicious purposes and how it can threaten security. However, a chatbot with artificial intelligence can be very helpful for the cybersecurity industry.
ChatGPT was launched in November 2022. It has been called revolutionary by many. ChatGPT is built on OpenAI’s GPT-3 large language models. Users interact with it via prompts.
Numerous articles have been written about how ChatGPT can be used to create malware and send phishing emails.
ChatGPT Integration to Cybersecurity
ChatGPT is a helpful tool for defenders, and the cybersecurity industry is increasingly integrating it into products and services.
Some members of the cybersecurity industry have also been testing its limitations and capabilities.
Many cybersecurity companies have used ChatGPT in the last few months. Some researchers have also found use cases for ChatGPT.
Orca, a cloud security company, was the first to integrate ChatGPT, specifically GPT-3, into its platform. This is to improve the customer’s ability to resolve cloud security risks.
Orca stated that fine-tuning powerful language models with security data sets made it possible to improve the detail and accuracy of remediation steps. This will give you a better remediation plan and help you to solve the problem as quickly as possible.
Kubernetes security firm Armo has integrated ChatGPT’s generative AI into their platform to make it easier to create security policies based upon Open Policy Agent (OPA)
Armo Custom Controls pre-trains ChatGPT to use security and compliance Regos and additional context. By utilizing the power of AI, Armo Custom Controls can create custom-made controls via natural language.
ChatGPT produces the complete OPA rule and a description and suggested remedy to fix the failed control. This is done quickly and easily, without the need to learn any new language,” said the company.
Logpoint recently announced a ChatGPT integration to its LogPoint SOAR solution (security orchestration automation and response) in a laboratory setting.
The company stated that the ChatGPT integration with Logpoint SOAR would allow customers to explore the potential of SOAR playbooks and ChatGPT in cybersecurity.
AlertEnterprise, a cyber-physical security software company, has launched a ChatGPT chatbot. It allows users to quickly access information about physical access, visitor management, identity access management and security and safety reporting.
Chatbots can be asked questions like “how many new badges did you issue last month?” and “show me the upcoming expirations of employee training for restricted access.” Accenture Security is analyzing ChatGPT’s abilities to automate cyber defence-related tasks.
Trellix and Coro are investigating the possibility of embedding ChatGPT into their cybersecurity offerings.
ChatGPT has been used to conduct tests by members of the cybersecurity community. HackerSploit, a training provider, demonstrated how ChatGPT could be used to detect software vulnerabilities and how it could be used for penetration testing.
Kaspersky’s researcher conducted IoC detection experiments. He found promising results in certain areas. To detect gaps, these tests involved checking for IoCs and comparing signature-based rule set output with ChatGPT output. They also detected code obfuscation and found similarities between malware binaries.
ChatGPT was used to analyze malware in the online malware sandbox Any. Run. ChatGPT analyzed simple samples but failed to recognize more complicated code.
NCC Group conducted a security code review with the AI and discovered that it “doesn’t work”. While it can correctly identify specific vulnerabilities, the company discovered that it also gives false information and false positives in many instances, making it unreliable for code analysis.
Antonio Formato and Zubair Rahim, security researchers, have shared how ChatGPT was integrated with Microsoft Sentinel security analytics and threat Intelligence solution for incident management.
Juan Andres Guerrero Saade, security researcher and adjunct lecturer at Johns Hopkins SAIS, recently integrated ChatGPT in a class on malware analysis, reverse engineering, and other related topics.
ChatGPT allowed students to quickly find answers to their ‘dumb’ questions, preventing class disruption. ChatGPT made it easy for students to use the tools, understand code and write scripts.
- What is a Cybersecurity Maturity Model?
- How To Develop The Cybersecurity Workforce?
- Top 5 Cybersecurity Risks for Business