Cybersecurity is actually one of the few fields that can benefit from AI. There are companies like Horizon3 who are using it alongside their other threat models to do continuous pen testing.
Gonna take a guess here that what is used in cybersecurity is not LLMs but one of the more useful machine learning applications. Just a nitpick cause today “ai” and “LLM” are sadly synonymous.
No, LLMs can definitely be useful for cyber too. It’s the whole reason the US government banned Claude Fable for export.
An LLM can not just try existing exploits like a script kiddy, but with iteration it can try variations and if you know what runs on the server, inspect the source for potential exploits.
They can also look at your setup and say what issues they see (reverse proxy config, etc).
Doesn’t replace an expert, but can be useful for a first pass before you get the highly paid people involved.
I do. I reverse engineered some proprietary software using an agent. A pro could’ve maybe done it faster, but I did it AFK with little knowledge about reverse engineering.
An agent could similarly try tons of attacks against online targets. Fairly sure some are doing it.
Cybersecurity is actually one of the few fields that can benefit from AI. There are companies like Horizon3 who are using it alongside their other threat models to do continuous pen testing.
Yeah imo the one thing ai is legitimately useful for is finding answers to difficult problems that can be trivially verified as correct.
In this case hallucinations actually help…
Gonna take a guess here that what is used in cybersecurity is not LLMs but one of the more useful machine learning applications. Just a nitpick cause today “ai” and “LLM” are sadly synonymous.
No, LLMs can definitely be useful for cyber too. It’s the whole reason the US government banned Claude Fable for export.
An LLM can not just try existing exploits like a script kiddy, but with iteration it can try variations and if you know what runs on the server, inspect the source for potential exploits.
They can also look at your setup and say what issues they see (reverse proxy config, etc).
Doesn’t replace an expert, but can be useful for a first pass before you get the highly paid people involved.
You know what, fair enough. I don’t know enough about that particular one.
I do. I reverse engineered some proprietary software using an agent. A pro could’ve maybe done it faster, but I did it AFK with little knowledge about reverse engineering.
An agent could similarly try tons of attacks against online targets. Fairly sure some are doing it.