Securonix, a Unified Defense SIEM provider, has announced a new integration with ChatGPT, leveraging generative artificial intelligence (AI) capabilities to empower security analysts, threat hunters, and content administrators. This integration aims to boost efficiency, reduce investigation time, and expedite problem resolution by enabling professionals to harness the power of Large Language Models through ChatGPT.
The new generative AI functionality, known as Securonix Investigate, empowers security professionals to interact with AI models using natural language, seamlessly asking questions and obtaining responses alongside the contextual information gathered by Securonix Investigate. As investigations progress, the system updates context in real time, ensuring analysts have the most current and comprehensive details at their disposal. The resulting knowledge and insights can be instantly shared across teams, facilitating a deeper understanding of observations and streamlining investigations to reduce mean time to respond to threats.
“The widespread adoption of Large Language Models in generative AI, like ChatGPT, bolsters the capabilities of cybersecurity professionals everywhere,” said Nayaki Nayyar, CEO, Securonix. “The introduction of generative AI functionality into Securonix Investigate is the first step in a series of initiatives we are undertaking to improve cybersecurity operations. We remain steadfast in harnessing the power of innovation and deploying cutting-edge solutions that make our clients, partners and end users safer.”
To address potential data leakage concerns when using ChatGPT, Securonix Investigate incorporates customizable security controls. These controls prevent the exposure of sensitive information like internal IP addresses and domain names. Access to the function is restricted to authorized personnel only, and the system scrubs sensitive data within ChatGPT responses. Audit logs are utilized to configure detections, alerting organizations to compliance issues or data leaks. Additionally, initial prompts are validated to establish a common frame of reference, while response limits help minimize the risk of hallucinations. Human oversight remains a crucial element, allowing teams to cross-reference ChatGPT responses against authoritative sources.
The integration empowers various teams within organizations to utilize ChatGPT in Securonix Investigate effectively. Threat hunters can seek guidance from ChatGPT on searching for specific Indicators of Compromise (IOCs) during investigations. SOC analysts can obtain insights on unfamiliar technologies or decode PowerShell commands for quick integration directly within the Securonix Investigate window, streamlining workflows and eliminating context switches. Content administrators can use ChatGPT to generate search queries, streamlining the search process within Securonix.
“Generative AI and Large Language Models are revolutionizing the cybersecurity landscape,” said Paul Battista, CEO, Polarity.io. “Integrating these tools into Securonix Investigate with Polarity enables our shared vision to uplevel security teams and dramatically improve time to resolution. The experience when using generative AI needs to be seamless for users and drive practical value while ensuring that the necessary security and privacy controls have been considered.”
The integration of ChatGPT in Securonix Investigate represents a significant leap forward for the company in cybersecurity technology, providing powerful AI capabilities to combat threats effectively and safeguard critical systems and data.