Picus Security today added an artificial intelligence (AI) capability to enable cybersecurity teams to automate tasks via a natural language interface. The capability, enabled by OpenAI, leverages the existing knowledge graph technologies from Picus Security.
Dubbed Picus Numi AI, the company is making use of a large language model (LLM) developed by Open AI to provide access to a natural language interface. That interface is integrated with the Picus Exposure Graph, which is at the core of Picus Security Validation Platform.
Picus Security CTO Volkan Ertürk said that its approach prevents sensitive cybersecurity data from being inadvertently shared with an LLM.
The overall goal is to democratize cybersecurity by reducing the overall level of expertise currently required to automate processes, Ertürk explained. In addition to using natural language queries to generate recommendations for improving their cybersecurity posture, cybersecurity and IT professionals can also automate responses to attacks that the Picus Exposure Graph visually tracks.
The Picus Exposure Graph tracks more than 70 billion relationships, which span everything from attack simulations and mitigation to threat actors, malware and known vulnerabilities. The insights surfaced make it possible for cybersecurity teams to, for example, identify which types of malware strains might represent the biggest threat to a specific IT environment in a given period of time.
It’s not clear to what degree cybersecurity teams are embracing AI, but an inevitable arms race is already underway. Cybercriminals are already leveraging generative AI to develop code that enables them to create new types of malware or customize existing strains, for example, in ways that are more difficult to detect. It’s now only a matter of time before cyberattacks increase in both volume and sophistication as cybercriminals become more adept at using AI technologies for nefarious purposes.
The issue organizations encounter is, as always, coming up with the funding needed to acquire AI platforms — everyone hopes — will level a playing field that is already lopsided against defenders. The longer it takes to acquire and deploy an AI platform, the greater the chance cybercriminals will use AI to overwhelm existing defenses.
On the plus side, most cybersecurity teams don’t necessarily need a lot of data science expertise to benefit from AI. In fact, as natural language interfaces make cybersecurity platforms more accessible, it should become easier for IT professionals with limited cybersecurity expertise to manage more security operations (SecOps) tasks. That should help reduce the chronic cybersecurity skills shortage that has limited organizations’ ability to acquire new cybersecurity platforms simply because they had no one capable of managing them, noted Ertürk.
In the meantime, there is already no shortage of cybersecurity platforms with varying degrees of AI capabilities. The challenge now is distinguishing the ones that merely use AI to assess an IT environment versus also providing the ability to automatically orchestrate a series of tasks to thwart attacks in progress. After all, knowing where an organization is vulnerable is helpful when it comes to preventing an attack. Being able to do something about an attack in progress without having to mobilize a small army of IT professionals is a whole other level of automation.