I recently posted thoughts about how AI will impact cybersecurity HERE. Well, a quick fast forward and here we are with Microsoft fully evangelizing AI chat tech with security. The full post on the new Microsoft Security Copilot can be found HERE. This video is a quick demo of its power.
The main value I see is simplifying research tasks, making people WAYYYYY more productive. Rather than having to log into multiple sources and spend countless hours researching desired data points, you can simply ask AI to do the work for you. The sky is the limit with this power and it can pretty much apply to any aspect of both red and blue teams. If you work in a SOC, you can ask about potential vulnerabilities, risk, etc. and get pretty damn good feedback. What is really powerful are the following items.
- You can ask continuation questions. You first ask about vulnerabilities, then you can ask it to tell you more about one area of interest, narrowing down findings to your needs FAST.
- You can pull from internal and external data. This is huge as you can identify baseline behavior against outside sources. For example, you could ask “how does this compare to others” and immediately get a global viewpoint. This is what threat intelligence dreams of providing.
- You can secure your requests, so you are not exposing yourself by using this tech.
It’s crazy how fast AI is being brought into the security vendor space, making some wonder if there are risks in doing this. Every major player is essentially in an AI arms race. My biggest fear is not if they can make things powerful, but SHOULD they do it. I’m scared that a threat actor could figure out a way to abuse this power, leading to something really bad we haven’t encountered before. Imagine all security tools being dependent on AI data and threat actors figuring out a way to throw off findings. It would be similar to a situation where a threat actor ruins the “time” of your security systems, throwing off all logging and essentially taking down your security.
Check out the announcement. I expect there will be many of these coming from Microsoft, Google and other major players.