Course Overview
A workshop to learn and apply the best practices of generative AI for improving cybersecurity processes.
Course Content
It will cover scenarios and best practices, as well as practical and roundtable exercises, all with the goal of designing the future blueprint of your AI-augmented cybersecurity organization.
Scenarios and Best Practices
In this section, you will learn about the various ways that generative AI can help you streamline and optimize your cybersecurity processes, such as:
- Generating threat intelligence reports from raw data, indicators, or natural language queries
- Generating incident response plans from incident details, best practices, or templates
- Automating the creation of rules, policies, and signatures from code snippets, examples, or specifications
- Automatic generation of security awareness content from topics, keywords, or outlines
- Generating realistic phishing emails for training and awareness purposes
- Generating realistic log data for testing and validating security monitoring and analysis tools
- Smarter triage and analysis with data enrichment, query generation, and anomaly detection
- Identifying security issues with code scanning, vulnerability detection, and code remediation
Practical exercises
In this section, you will get hands-on experience with some of the tools and frameworks that enable generative AI for cybersecurity, such as:
- Exploring security-focused generative AI tools such as Microsoft Copilot for Security, Google Chronicle Security Operations, and Google Cloud Security AI Workbench
- Advanced hunting scenarios leveraging powerful query generation for exploring vast log-based solutions
- Using various generative AI tools to generate threat intelligence, incident response, and security policies from natural language queries
- Leveraging GitHub Copilot or Duet AI for Developers to identify and fix vulnerabilities in the code
- Writing complete incident documentation with the power of generative AI tools
- Documenting cybersecurity policies and procedures with the assistance of generative AI
- Using generative AI to create security awareness content (e.g., newsletters, posters, videos, etc.) from topics or outlines
Roundtable exercises
In this section, you will work in teams to create your own strategy for augmenting your cybersecurity organization with AI, based on a series of tasks and challenges, such as:
- Identifying the pain points and opportunities for improvement in your current cybersecurity processes
- Selecting the best practices and tools that suit your needs and goals
- Identifying roles inside organizations that will gain the most from the generative AI tools
- Exploring the possibilities of hiring different types of SOC analysts empowered by generative AI solutions (i.e., AI Augmented SOC Analyst – generalist vs. domain specialist)
- Designing the future of your augmented cybersecurity organization
- Planning and prioritizing the implementation steps and milestones
- Identifying the change agents (early adopters) in your teams who can help you drive the process
- Measuring and evaluating the impact and benefits of generative AI for your cybersecurity outcomes
Who should attend
This workshop is designed for cybersecurity teams and organizations that want to leverage the power of generative AI to enhance their detection, response, and prevention capabilities.
Outline: AI Augmented Cybersecurity Organization (AIACO)
Day 1:
- Welcome and icebreaker activity
- Lecture: What is generative AI and why it matters for cybersecurity
- Lecture: Best practices, use cases, scenarios and case studies for generative AI in cybersecurity organizations
- Team discussion 1: Ideation – identify the pain points and choose which gen AI scenarios can help
- Hands-on session 1: Explore and experiment with basic use cases for gen-AI powered security tools
- Team discussion 2: Team Environment – designing the future state of your organization by mapping chosen gen AI scenarios to team roles
- Team discussion 3: Redesign the process and prepare for proof of concept – choose the app/workload and create a plan
- Wrap up and feedback
Day 2:
- Recap & Q&A
- Hands-on session 2: Generative AI in advanced hunting – explore vast log databases by generating powerful queries from natural language
- Lecture: How to measure and evaluate the impact and benefits of generative AI for your cybersecurity outcomes? How to address the ethical and social implications?
- Team discussion 4: Identify KPIs - impact of the proposed gen AI implementation on internal processes, finance, business in general
- Team discussion 5: Putting it all together – create a final proposal for the new AI augmented organization
- Group presentation: Showcase your AI augmented app cybersecurity organization
- Group feedback: Provide and receive constructive feedback
- Closing remarks and next steps