CrimeFire – Cyber Security Power House

Microsoft Puts ChatGPT to Work on Automating Cybersecurity – SecurityWeek

Written by

rescue@crimefire.in

in

Hi, what are you looking for?
Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.
By
Flipboard
Reddit
Pinterest
Whatsapp
Whatsapp
Email

The world’s largest software maker is putting ChatGPT to work in the cybersecurity trenches.
Microsoft on Wednesday rolled out an AI-powered security analysis tool to automate incident response and threat hunting tasks, showcasing a security use-case for the popular chatbot developed by OpenAI.
The new tool, called Microsoft Security Copilot, is powered by OpenAI’s newest GPT-4 model and will be trained on data from Redmond’s massive trove of telemetry signals from enterprise deployments and Windows endpoints.
Cybersecurity experts are already using generative AI chatbots to simplify and enhance software development, reverse engineering and malware analysis tasks and Microsoft’s latest move adds several new use-cases for defenders.
Microsoft is already raking in about $20 billion a year from the sale of cybersecurity protection products and industry watchers expect the push into AI automation will create new revenue streams and drive new levels of innovation among cybersecurity startups.
SecurityWeek sources expect to see similar offerings from the likes of Cisco, Palo Alto Networks and Google as rivals rush to embrace the use of generative AI to automate complex and time-consuming security tasks.
Microsoft is positing the Security Copilot chatbot as a tool that works seamlessly with security teams to allow defenders to see what is happening in their environment, learn from existing intelligence, correlate threat activity, and make better decisions at machine speed.
From Microsoft’s documentation:

“Security Copilot will simplify complexity and amplify the capabilities of security teams by summarizing and making sense of threat intelligence, helping defenders see through the noise of web traffic and identify malicious activity.

It will also help security teams catch what others miss by correlating and summarizing data on attacks, prioritizing incidents and recommending the best course of action to swiftly remediate diverse threats, in time.
For incident response teams, Microsoft says the chatbot can be used to identify an ongoing attack, assess its scale, and get instructions to begin remediation based on proven tactics from real-world security incidents.
For threat hunting practitioners, the company says Security Copilot can help determine whether an organization is susceptible to known vulnerabilities and exploits by using AI to examine the environment one asset at a time for evidence of a breach.
The tool can also be used to summarize any event, incident, or threat in minutes and prepare information in a ready-to-share, customizable report.
The company said the tool will integrate natively with products like Microsoft Sentinel, Microsoft Defender and Microsoft Intune to provide an “end-to-end experience across their entire security program.”
Related: ChatGPT and the Growing Threat of Bring Your Own AI to the SOC
Related: Microsoft to Acquire Threat Intelligence Vendor RiskIQ
Related: Microsoft Flexes Security Vendor Muscles With Managed Services
Related: For Microsoft, Security is a $10 Billion Business 

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.
Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.
Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.
When establishing visibility and security controls across endpoints, security professionals need to understand that each endpoint bears some or all responsibility for its own security.
While there are likely many different approaches, here are a few points that are important for enterprises to consider when evaluating bot solutions.
Making threat intelligence actionable requires more than automation; it also requires contextualization and prioritization.
Many of the most successful cybercriminals are shrewd; they want good ROI, but they don’t want to have to reinvent the wheel to get it.
Compliance and ZTNA are driving encryption into every aspect of an organization’s network and enterprise and, in turn, forcing us to change how we think about protecting our environments.
Flipboard
Reddit
Pinterest
Whatsapp
Whatsapp
Email
LastPass DevOp engineer’s home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud…
GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.
A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the…
GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.
Cygnvs emerges from stealth mode with an incident response platform and $55 million in Series A funding.
Meta has developed a ten-phase cyber kill chain model that it believes will be more inclusive and more effective than the existing range of…
Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that…
Implementation of security automation can be overwhelming, and has remained a barrier to adoption
Got a confidential news tip? We want to hear from you.
Reach a large audience of enterprise cybersecurity professionals
Subscribe to the SecurityWeek Daily Briefing and get the latest content delivered to your inbox.
Copyright © 2023 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.

source

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

More posts

Свежие материалы