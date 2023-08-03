There have been concerns about how ChatGPT, an AI language model, might make it easier for criminals to carry out exploits. However, research from Sophos suggests that AI could actually be a valuable tool in the hands of defenders rather than criminals.

Sophos researchers have discovered that generative AI, such as GPT-3, can help simplify labor-intensive processes and save valuable time for security teams. They have developed a natural language query interface that enables security analysts to filter data collected by security tools for malicious activity just by entering plain text English queries.

This advancement could revolutionize the work of security teams that deal with a high volume of noise in the form of alerts and notifications on a daily basis. Combined with the ongoing shortage of skilled professionals, it becomes a challenge to stay on top of the constantly evolving threat landscape.

One major benefit of AI assistance is the ability to identify which alerts require further investigation, saving countless hours of human labor. For instance, in Sophos’ lab, half a million malicious files are received daily, far more than what analysts can manually examine. AI tools can help analysts prioritize which files are worthy of attention.

Furthermore, AI can expedite the process of addressing vulnerabilities. For software makers releasing fixes, AI technology can determine which devices in a Security Operations Center (SOC) require immediate attention. This can significantly enhance the effectiveness of already overwhelmed human analysts.

Sophos is actively working on integrating some of these prototypes into their products and has shared the results of their efforts on GitHub. They recognize that incorporating AI language processing into cyber defenses can greatly assist defenders.

Overall, while there have been concerns about AI’s impact on cybersecurity, it is evident that it has the potential to strengthen the defense against cyber threats. By leveraging AI technologies like GPT-3, security teams can streamline their processes, save time, and become more effective in countering cyber attacks.