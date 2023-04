A new trend is emerging in the field of generative AI — generative AI for cybersecurity — and Google is one of the companies trying to take that step.

At today’s RSA Conference 2023, Google announced the Cloud Security AI Workbench. This is a cybersecurity suite powered by a special “security” AI language model called Sec-PaLM. His Sec-PaLM, an offshoot of Google’s PaLM model, is “fine-tuned for security use cases,” he said. It incorporates security intelligence such as research into software vulnerabilities, malware, threat indicators, and behavioral attacker profiles.

Cloud Security AI Workbench spans a range of new AI-powered tools, such as Mandiant’s Threat Intelligence AI, and leverages Sec-PaLM to discover, summarize, and respond to security threats. (Recall that Google bought his Mandiant for his $5.4 billion in 2022.) Another Google property, VirusTotal, uses Sec-PaLM to determine if subscribers are malicious. Allows analysis and explanation of script behavior.

Sec-PaLM helps customers of Chronicle, Google’s cloud cybersecurity service, search for security events and “conservatively” manipulate the results. Meanwhile, users of Google’s Security Command Center AI, courtesy of Sec-PaLM, are provided with a “human resource” on attack exposure, including risk summaries for affected assets, recommended mitigations, and security, compliance, and privacy findings. can get a readable description.

“Generative AI has captured the imagination recently, but Sec-PaLM builds on years of foundational AI research from Google and DeepMind, as well as deep expertise from our security teams,” Google said in a blog post this morning. I am writing to “We are just beginning to realize the power of applying generative AI to security, and we look forward to continuing to leverage this expertise for our customers and driving progress across the security community.”

These are pretty bold ambitions given that Cloud Security AI Workbench’s first tool, VirusTotal Code Insight, is currently only available in limited preview. (Google says it plans to roll out the remaining services to “trusted testers” in the coming months.) Frankly, how well Sec-PaLM works in practice (or doesn’t work) is not clear. Sure, a “recommended mitigation and risk summary” sounds useful, but is the suggestion much better or more accurate just because the AI ​​model generated it?

After all, even the most advanced AI language models make mistakes. Prompt he is also susceptible to attacks such as injection and can behave in ways not intended by its creator.

Of course, that doesn’t stop the tech giants. In March, Microsoft announced the Security Copilot. This is a new tool aimed at “summarizing” and “understanding” threat intelligence using OpenAI’s generative AI models, including GPT-4. In a press release, Microsoft, like Google, claimed that generative AI could better equip security professionals to fight emerging threats.

The jury is very enthusiastic about it. In fact, generative AI for cybersecurity may prove to be more of a hype than anything else. Research on its effectiveness is lacking. With any luck, you’ll see results soon, but in the meantime don’t take Google and Microsoft’s claims for granted.

