Shulou(Shulou.com)11/24 Report--

September 22, deeply convinced to show the safety GPT landing results and 2.0 upgrade ability. Authoritative guest representatives from various industries: Midea Group Chief Information Security Officer (CISO) and President of Software Engineering Academy, Academician of European Academy of Sciences (MAE), IEEE Fellow, IET Fellow, ACM Distinguished Scientist, AAIA Fellow Liu Xiangyang, Senior Manager of Information Security Department of Beiqi Foton Automobile Co., Ltd. and Senior Manager of Network Security Department of Ouhui New Energy, Wang Junmin, Research Director of IDC Consulting Co., Ltd., Li Shaopeng, founder of Digital Consulting, stand from multiple perspectives. The application effect and trend analysis of safety large model are discussed.

Liang Jingbo, general manager of R & D of Shenxin Technology, and Shenxin security attack and defense experts demonstrated the bright spot ability of GPT 2.0 upgrade, among which "intelligent driving" can help users to operate safely and independently, realize 30 seconds to judge and contain threats, and reduce the average closed-loop time of single event by 96.6%.

Security GPT 2.0 upgrade

Start a safe operation "smart driving" journey

Committed to improving the effect and efficiency of threat confrontation by intelligent means, enabling organizations to fight strong enemies, the brand-new upgraded Deep Convincing Safety GPT has realized the evolution from "1.0 assisted driving" to "2.0 intelligent driving." Behind this, what remains unchanged is the detection and judgment effect of security GPT on threats such as 0-day vulnerability and APT covert intrusion. What changes is the efficiency and ability jump from "minute-level closed loop, ten-fold efficiency improvement, million-level cost reduction" to "second-level closed loop, hundred-fold efficiency improvement, ten-million-level cost reduction".

Assisted driving: natural language conversational operation, carrying more than 80% of the analysis and investigation work

Advanced threat detection, security event interpretation, hot vulnerability investigation ability based on security GPT 1.0, and advanced intelligent driving ability based on security GPT 2.0. At present, it can carry more than 80% of alarm analysis, incident investigation, asset investigation and other work.

Upgrade 1: Support analysis, judgment and command line interpretation of terminal security alarms

Security GPT combines network-side data aggregation analysis to provide interpretation capabilities, support the interpretation of terminal command lines, threat intelligence, and malicious files, and has 5 years of professional analyst level interpretation.

Upgrade 2: Simply click the prompt question to complete the alarm research and judgment closed loop.

Security GPT has the ability to analyze and interpret whether the alarm is successful or false alarm, and by providing multiple recommended questions and guiding users to click the prompt questions continuously, a complete alarm research and judgment closed-loop work can be completed.

Intelligent driving: safe operation autonomous duty, 30 seconds to judge and contain threats

Safety GPT upgrade "intelligent driving" ability, like a virtual safety expert, sitting on the user's daily safety operation site. Based on the understanding of safety events based on the thought chain, safety GPT can independently judge, dispose and summarize all alarms and events, and can realize the closed loop of most alarms. This process, human experts do not need to have a complex dialogue with GPT, only review or review as needed. Safety GPT uses the judgment and disposal speed of large models to truly realize 30 seconds to judge and contain threats, and the average closed-loop time of a single event is reduced by 96.6%.

Upgrade 1: Independent judgment alarm, automatic disposal completed

When a safety alarm occurs, the safety GPT can independently judge and judge the incident by analyzing the data packet and querying the information, and automatically execute the measures of blocking isolation and influence surface investigation to realize one-click eradication and safety reinforcement, and generate incident reports. In the whole process, the safety operation personnel only need to review the key links and view the incident report without further operations.

Upgrade 2: Multi-mode interaction, thinking chain to ensure that judgment disposal can be explained

Safety GPT supports multi-mode interaction such as text and chart to realize event interpretation, and innovates to generate safety judgment and disposal thinking chain, and clearly transmits alarm and event analysis, judgment and thinking process. Security operators do not need to open multiple interfaces to query information, and the overall situation is clear at a glance.

Level 3: Natural language dialogue, analysis process can be explained

For any alarm and event, safety GPT can provide in-depth answers to any link of the thought chain through natural language question-and-answer dialogue, in addition to providing judgment and disposal logic of the thought chain, and assist further judgment.

Secure GPT Technology Enabling Goals:

Revolutionarily improve the effectiveness and efficiency of safety construction

With the goal of "revolutionary improvement of the effect and efficiency of safety construction", we are deeply convinced that the application of safe GPT technology can be divided into two types:

Detection of large models: As a new generation of detection engine, it detects potential intrusion activities more accurately and quickly, such as 0-day vulnerabilities, APT covert threats, etc. In this year's national attack and defense exercise, more than 150 0 0-day exploits were detected by deeply convinced security devices. The detection rate of detection equipment enabled by GPT technology reaches 90%.

Large operation model: As an intelligent assistant for safety operation, it realizes automatic duty, breaks through the bottleneck of user personnel ability and energy, and improves the efficiency and effect of safety operation.

In addition, security GPT is now fully enabled with security hosting service MSS, and the combination of service experts and "digital assistants" has become the best partner to achieve man-machine intelligence and improve quality and efficiency.

At present, security GPT supports SaaS and localization in a variety of deployment methods to meet the different needs of users.

All the time, we have been deeply convinced to adhere to the new paradigm of security architecture of "open platform + leading components + cloud services," simplify deployment by utilizing the aggregation capability of open security platforms, and weave security islands into islands. Use various components with leading technology to achieve the best safety protection effect for each scenario, and fully interconnect and cooperate with the platform and other components. Take advantage of cloud-based services to continuously and quickly gain the growth of security capabilities and underpin security effects.

Artificial intelligence is a revolutionary technology that changes the security attack and defense pattern. AI's ability should be applied faster and deeper in the hands of security operators, outpacing the evolution speed of AI in the hands of attackers. Deeply convinced that AI capabilities should be fully deployed on platforms, components, and applied to services, whether it is a large security GPT model or a relatively traditional application of AI, the possibility of being applied should be fully considered.

In the future, the security GPT capability will continue to upgrade and evolve, devoting itself to revolutionizing the effectiveness and efficiency of security construction and helping each user to "take a step ahead of safety."

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.