How Large Language Models (LLMs) are revolutionizing cybersecurity

Learn about their impact on incident response, threat intelligence, and SOC augmentation.

Théo Foucher
2 min read · Jun 25, 2024

Introduction

Hello everyone, I’ve been eager to share my insights on how LLMs can enhance our daily security workflows. After experimenting with LLMs over the past year, I’m excited to present concrete applications and insights. I also see this as an opportunity to start writing content, which is why I created this Medium account. I plan to release content whenever I cover new topics (juggling my work hours, side projects, and my life as a dad and husband).

Background

For those who are new here, I’d like to share a bit about my background. My journey in infosec began in 2015, starting in operational cybersecurity with a focus on incident response. As my career progressed, I transitioned into R&D, where I now work on building next-generation cybersecurity solutions. My passion for technology has always driven me to explore and share emerging technologies like LLMs.

Discovering LLMs

I first encountered LLMs shortly after ChatGPT’s release. Despite not having a background in AI or machine learning, I was quickly impressed by their capabilities. I started using LLMs for everyday tasks and exploring their limitations, such as hallucinations and context size.

https://www.crosscountry-consulting.com/insights/blog/generative-ai-and-its-impact-explained/

From idea to implementation

With the release of APIs, I began integrating LLMs into cybersecurity applications. In September, Mistral AI’s new model inspired me to implement several projects:

  • Cyber news tracking: Monitoring emerging threats.
  • CTrag: A cyber threat intelligence chatbot.
  • SOC Analyst Agent: Enhancing SOC analyst capabilities.
  • Secret Project: Stay tuned for details ;)
CTrag GitHub page

The role of LLMs in cybersecurity

LLMs won’t replace cybersecurity professionals, but they will significantly enhance our capabilities. They can process vast amounts of information more consistently and efficiently than a human analyst can. LLMs can also use function calling to interact with real-world tools, automating routine tasks and helping prioritize alerts.

And now what?

I’m preparing my next post, focusing on how you can download and use LLMs even without a powerful GPU. I’ll provide Google Colab Notebooks with access to a Nvidia T4 for free. We’ll explore the intersection of cybersecurity and LLMs in greater detail.

Ollama on Google Colab
