Header image

#Infosec24: Using GenAI For Automated Defence

Perception Point look at the defensive options in using GenAI.

Attackers are using GenAI to enhance their operations, but there is an opportunity for defenders to increase their capabilities using it too.

Speaking at Infosecurity Europe in London, Tal Zamir, CTO of Perception Point, said that employees are using GenAI, and this has led to the roll out of desktop apps and browser extensions - and increased the risk of data leaks.

“When you use any GenAI app, they let human reviewers view sensitive data,” Zamir said, pointing at the OpenAI breach where conversations were publicly available to other users.

Rogue AI Use

Zamir said that GenAI agents look across the enterprise, and can find details via keyword, as well as looking for matching documents and files that are exposed across the work population.

Also, he warned of fake GenAI apps, which are hard to determine from the real apps, and could steal an API key if used.

“The biggest GenAI models out there are available to attackers in an easy way, and they can grab the model and run it locally on a laptop,” he said, warning that attackers can use AI to increase productivity, increase the scale of attacks and target any industry, and bring junior attackers up to speed.

He said that the “highest bar is full automation of the attack process” where websites can be attacked with one-day vulnerability.

On the Defense

Zamir said on the defensive side, GenAI can allow protection to be enhanced with better detection, and also eliminate incident response work.

Also, Zamir talked about better detection of Business Email Compromise (BEC) emails, especially those with no links or email domain displayed in the body, saying in one instance Perception Point were able to understand a zero-hour phishing attempt, and expose a new set of attacks without any human intervention.

Speaking to SC UK, Zamir said this is done automatically now, “but we provide our customers with another layer of human service as even if our system is great at stopping all of the BECs, the customer is so convinced that it is a human element we add as well.”

Dan Raywood Senior Editor SC Media UK

Dan Raywood is a seasoned B2B journalist with over 20 years of experience, specializing in cybersecurity for the past 15 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes. Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.

Dan Raywood Senior Editor SC Media UK

Dan Raywood is a seasoned B2B journalist with over 20 years of experience, specializing in cybersecurity for the past 15 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes. Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.

Upcoming Events

11
Jul

Beyond Cloud Security Posture Management:

Validating Cloud Effectiveness with Attack Simulation

image image image image