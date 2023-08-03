Since the launch of ChatGPT, concerns have been raised regarding its potential to be exploited by criminals. However, recent research conducted by Sophos indicates that generative AI can also be harnessed to benefit defenders and assist security teams.

Sophos researchers have uncovered that technology like GPT-3 has the capability to simplify labor-intensive processes, thereby saving precious time for defenders. They utilized a natural language query interface in their research, enabling security analysts to filter through data collected by security tools in search of malicious activity. This innovation has the potential to revolutionize the work of security teams who are often inundated with a constant stream of alerts and notifications on a daily basis.

The combination of this overwhelming influx of information and the ongoing shortage of skilled human resources dedicated to addressing these alerts makes it increasingly difficult to stay ahead of the constantly evolving threat landscape. However, artificial intelligence can address this challenge by assisting analysts in identifying which alerts require further investigation. By doing so, it effectively reduces the number of hours spent on this task.

For example, AI can help determine which devices within a Security Operations Center (SOC) require immediate fixes following the reporting of software vulnerabilities. These capabilities can greatly boost the effectiveness of human analysts who are already overwhelmed in overworked SOCs and research laboratories.

Taking an active approach, Sophos is in the process of integrating some of these prototypes into their products and has shared the outcomes of their recent efforts on GitHub. For a deeper understanding of how generative AI, particularly GPT-3, can provide support to defenders, please refer to the article titled “GPT for You and Me: Applying AI Language Processing to Cyber Defenses.”