Bsides Seattle 2025
press ? for help, space for next slide
AI FOR security
Slideshow note
- This includes text to speech as a substitute for me
- press ? for help navigating
- press o for an overview of the slides
- simply pressing space will advance to the next slide
- press t to toggle speech on/off
Big Idea
- Security teams should USE AI
- AI can help you reduce toil
- AI can give you that time back to do other things
- AI can help you do things you wouldn’t normally be able to do
What this talk is
- Actionable: how to use AI in your security program
- Live DEMOS (demo gods beware)
- Practical
What this talk is not
- An intro to AI
- Threat modeling of AI
- A discussion of what model is best
- Perfect. I’m not a perfect speaker, I don’t know everything, AI moves fast!
General productivity
Off the shelf FTW
- Video/meeting note taking
- Summarizing compliance docs like HITRUST, NIST, etc or customer contracts
- Write Policy documents
Demo: Vibe GRC!
- VibeAI: not just for developers
- Writing policy without writing policy
- Input: HITRUST
- Output: Policy
Policy
Summarize yer SOC
Idea
- How much effort do you put into daily summaries, shift turnover notes, upstream reporting, etc from your SOC?
- Maybe you don’t do it at all because it’s a pain?
- AI can help you with repeatable, punctual, predictable summaries
- Gives you that time back, or creates insights you wouldn’t have otherwise had
Demo
- Summarizing daily SOC activity
- Input: SOC alerts
- Output: Daily summary
SOC Summary
SOC Summary via code
- see ./demos/summarize-the-soc/
- The sample file of alerts is from this repo
Get credit for your work
Idea
- Follow Daniel Meissler’s alma security program markdown template and use it to get credit for those big projects you got across the line, or remind you of why you pivoted.
Demo
- Manage your security program with AI
- Input: Security program described in markdown
- Output: Conversations about your security program
Alma Security Program Demo
- see ./demos/get-credit-for-your-work/
- The alma.md file is from this repo
- The main.py uses this file to have a conversation about your security program using your selected LLM
Alma Security Program Video
Risk analysis
Idea
- Give AI the framing of a project/initiative
- Have it prompt you through a risk analysis
- Uses a team of agents
Demo
- Use a team of risk experts acting together to get a risk analysis of a sample project
- Input: Project description
- Output: Risk analysis
- Code available here
Team of Risk Experts
Video: Team of Risk Experts
Agents to explore your data
Idea
- Chat with your SOC, ticketing or other data stores to see what insights they may have without writing SQL/etc
Demo
- Have a conversation with your data.
- Input: SOC data, vulnerability data
- Output: Conversational interaction with your data.
- Code available at: https://github.com/jeffbryner/illuminAIte