Since its debut, concerns have arisen about ChatGPT making it easier for criminals to exploit vulnerabilities. However, recent research suggests that artificial intelligence (AI) can provide significant benefits for defenders and security teams.

Researchers at Sophos have demonstrated that AI, particularly with technology like GPT-3, can simplify labor-intensive processes and save valuable time for defenders. By using a natural language query interface, security analysts can filter data collected by security tools for malicious activity simply by entering queries in plain text English.

This capability can revolutionize security teams’ ability to handle large volumes of alerts and notifications. With the ongoing talent gap and limited human resources available to address the constant influx of alerts, AI can help defenders stay on top of the ever-evolving threat landscape.

For instance, AI can assist analysts in identifying which alerts require further investigation among the vast number of malicious files received daily. By enabling AI to determine the priority of alerts, it can significantly reduce the workload and hours dedicated to this task, ultimately improving efficiency.

AI can also streamline the process of addressing vulnerabilities. When software makers release fixes, AI can quickly identify which devices in the Security Operations Center (SOC) require updates. This capability ensures that defenders can promptly take action, enhancing their effectiveness.

Sophos is actively incorporating these AI prototypes into their products and has made the outcomes of their recent efforts accessible on GitHub. The integration of AI language processing, such as GPT-3, into cybersecurity defenses holds great promise for improving protection against cyber threats.