Facebook Google Plus Twitter LinkedIn YouTube RSS メニュー 検索 出典 - ブログ 出典 - ウェビナー出典 - レポート出典 - イベントicons_066 icons_067icons_068icons_069icons_070

Tenable ブログ

ブログ通知を受信する

生成系 AI を活用した革新的なサイバーセキュリティの未来

How will generative AI change cybersecurity?

Generative AI will elevate the practice of successful preventive cybersecurity, but how will it manifest itself across cybersecurity products? Here are a few game-changers to look for.

Recent breakthroughs in generative artificial intelligence (AI) tools like ChatGPT have sparked a firestorm of debate about how to harness the power of the technology for good while minimizing its potential for harm. In cybersecurity, the promise of generative AI is leading organizations of all sizes to evaluate, experiment and engage with AI in new and exciting ways — and generating an awful lot of noise in the process. Making sense of it all can be daunting, but it all boils down to two key factors: a revolutionary new user experience and a spotlight on data quality.

A new cyber UX

In my view, the reason the technology world is getting excited about AI is because, for the last 60 years, we've had the same experience on computers. Of course, user experience has improved in that time, but we’re still operating with the same basic structure: command line, windows, files and widgets. Machine learning and AI have already revolutionized the way systems operate behind the screen. Generative AI is going to change the way humans interact with software, computing devices and the cloud. Asking questions just as we would address another human being will become our new user interface and search tool, making using a computer as easy as talking to a person — albeit one who has all the patience in the world.

Driving cyber efficiency and productivity

When it comes to sectors like cybersecurity, which is already saddled with a skills deficit, generative AI can be a force multiplier, opening up new career opportunities for professionals who would not have previously been able to serve without assistance. It is also about raising the game — everybody’s game — in cybersecurity. Because, right now, cyber defenders are not always winning the war. According to a commissioned study of 825 security and IT professionals conducted by Forrester Consulting on behalf of Tenable, nearly six in 10 respondents (58%) say the security team is too busy fighting critical incidents to take a preventive approach to reduce their organization’s exposure. The vast majority (73%) believe their organization would be more successful at defending against cyberattacks if they could devote more resources to preventive cybersecurity.

AI strategy rhymes with data strategy

AI has the potential to tilt the odds in favor of defenders, but it is only as effective as the data it’s built on. AI and data are the yin and the yang. If you have unique data then you’re going to have unique intelligence guiding your decisions. It’s truly “garbage in, garbage out” — or “gold in, gold out” — depending on your sources. It all starts with gathering your cyber data. According to the Forrester study, most organizations have to pull data from at least nine different sources, including cloud findings; threat intelligence feeds; incident-readiness assessment findings; vulnerability disclosures; penetration test findings; and external attack surface findings. To be truly effective in the practice of preventive cybersecurity, AI requires breaking down silos to enable defenders to take the data from their mix of multiple cybersecurity point solutions and use it to create something wholly new. And they have to rely on multiple systems/methods to pull all that data together: aggregation tools, internal data lake, and the old reliable multi-tabbed spreadsheet. For all these reasons, data integration is the essence of the Tenable One Exposure Management Platform. The approach is as simple as it is powerful: Let us bring all preventive security data into one single data lake so we can prioritize, contextualize and apply generative AI.

AI game-changers to look for in cybersecurity

Now, when it comes to using AI in cybersecurity, what can we expect? You can definitely expect a “gold rush” from your favorite security vendors. Everyone is succumbing to the siren's song of large language models (LLM). Watch for the hype: machine learning is a subfield of AI, and traditional AI is not generative AI. So, what will emerge from the early adoption of generative AI across security products and vendors? Here are three simple design patterns to look for in any AI-powered cybersecurity solution:

  1. Does it offer natural-language search? Major security categories — such as preventive exposure management, security information and event management (SIEM), extended detection and response (XDR), and user and entity behavior analytics (UEBA) — are already data-centric. With so many data points to analyze, effective search is critical. The potential for AI to deliver natural language-based search functionality is a game changer for cybersecurity professionals. For example, imagine it is December 13, 2021, and you’re a vulnerability management analyst. Log4Shell was recently disclosed, affecting instances of Apache Log4j everywhere. According to Tenable telemetry, in December 2021 one in 10 assets was vulnerable to Log4Shell, including a wide range of servers, web applications, containers and IoT devices. Such zero-day disclosure is a big deal. You'd need to drop everything and get to work — you'd be on the hunt to find Log4j across your disparate environments. If you had an exposure management solution, it would have already collected all the data across your IT, OT and public cloud environments. Somewhere in that data lake would lie the answer you are looking for: “Where is log4j in my environment?” Finding all these instances would require formulating a complex query in a cryptic query language and scrambling to digest the details of a vendor’s data model. If you had the additional power of LLM, you'd no longer need to be a master of complexity. You would simply type ”Show me where I have Log4j across my IT, OT and Amazon Web Services (AWS) cloud?” and voila! Science fiction? Not at all. This is the art of the new AI possible.
  2. Does it explain? We all know this: Cybersecurity is hard. It takes years to fully train security professionals across the myriad of tools and disciplines of cybersecurity. Generative AI can explain, in plain and simple words, the particulars of a given vulnerability. It can explain its criticality and how it would be exploited by an attacker. It can provide clear guidance on each step along the way to fixing it. It can explain a new advanced persistent threat (APT) or an indicator of compromise (IoC) alert popping up in the security operations center (SOC) at 1:00 a.m., when an exhausted security analyst has little time and context to decide whether the alert is a false positive or needs to be escalated for hunting. Any experienced security analyst would realize great value from AI. Instead of being overwhelmed by security issues, they’d be able to quickly churn through all the vulnerabilities and exposures and automate much of their response. しかも、それだけではありません。In addition to easing the challenges faced by seasoned security analysts, the ability of generative AI to explain everything cyber opens up opportunities for those who have not been educated in cybersecurity to now play a role. They’d have a co-pilot to guide them, explain what they're looking at, teach them and ultimately make them more productive. That’s a boon for everyone in cybersecurity.
  3. Does it guide action? A well-trained AI tool can act as a de facto assistant — a “sherpa” if you will. Soon, I would expect every cyber product to be accompanied by a chatbot. This cyber assistant, or co-pilot or sherpa, would steer you to identify the right actions to take across the varied terrain of specialized cyber solutions by answering any question in any language. Prompt-based interfaces, powered by vendor-specific data and intelligence built on LLM, using embeddings or fine-tuning, will indeed be the norm, making it quicker and easier for users to prioritize their remediation decisions. Indeed, the likes of Google Virtex AI, OpenAI GPT-4, LangChain and many others have made such capabilities accessible to any developer. The user experience of cybersecurity is about to change forever.

まとめ

AI has the potential to change how cybersecurity professionals search for patterns, how they explain what they’re finding in the simplest language possible, and how they decide what actions to take to reduce cyber risk. The next phase of AI development will be even more compelling. Specialized cyber models will be capable of finding patterns and anomalies in your cyber data on their own and at superhuman speeds. They will also be capable of quickly identifying and automating critical actions that need to be taken. These capabilities will make preventive cybersecurity possible at scale. With the support of AI, preventive cybersecurity practices will become increasingly effective, perhaps someday enabling defenders to stay one step ahead of attackers.

もっと詳しく

関連記事

役立つサイバーセキュリティ関連のニュース

Tenable エキスパートからのタイムリーな警告とセキュリティガイダンスを見逃さないように、メールアドレスをご入力ください。

Tenable Vulnerability Management

最新のクラウドベースの脆弱性管理プラットフォームにフルアクセスし、これまでにない精度で全資産の表示および追跡が可能です。

Tenable Vulnerability Management トライアルには、Tenable Lumin と Tenable Web App Scanning も含まれています。

Tenable Vulnerability Management

最新のクラウドベースの脆弱性管理プラットフォームの全機能にアクセスして、これまでにない精度で全ての資産を確認、追跡しましょう。 年間サブスクリプションをご購入ください。

100 資産

サブスクリプションオプションを選択してください。

今すぐ購入する

Tenable Vulnerability Management

最新のクラウドベースの脆弱性管理プラットフォームにフルアクセスし、これまでにない精度で全資産の表示および追跡が可能です。

Tenable Vulnerability Management トライアルには、Tenable Lumin と Tenable Web App Scanning も含まれています。

Tenable Vulnerability Management

最新のクラウドベースの脆弱性管理プラットフォームの全機能にアクセスして、これまでにない精度で全ての資産を確認、追跡しましょう。 年間サブスクリプションをご購入ください。

100 資産

サブスクリプションオプションを選択してください。

今すぐ購入する

Tenable Vulnerability Management

最新のクラウドベースの脆弱性管理プラットフォームにフルアクセスし、これまでにない精度で全資産の表示および追跡が可能です。

Tenable Vulnerability Management トライアルには、Tenable Lumin と Tenable Web App Scanning も含まれています。

Tenable Vulnerability Management

最新のクラウドベースの脆弱性管理プラットフォームの全機能にアクセスして、これまでにない精度で全ての資産を確認、追跡しましょう。 年間サブスクリプションをご購入ください。

100 資産

サブスクリプションオプションを選択してください。

今すぐ購入する

Tenable Web App Scanning を試す

Tenable One サイバーエクスポージャー管理プラットフォームの一部として、最新のアプリケーション向けに設計された最新のウェブアプリケーションスキャンサービスを完全な形でご利用いただけます。手作業による労力や重大なウェブアプリケーションの中断なしに、脆弱性のオンラインポートフォリオを安全に高精度でスキャンします。 今すぐサインアップしてください。

Tenable Web App Scanning トライアルには、Tenable Vulnerability Management と Tenable Lumin も含まれています。

Tenable Web App Scanning を購入

最新のクラウドベースの脆弱性管理プラットフォームの全機能にアクセスして、これまでにない精度で全ての資産を確認、追跡しましょう。 年間サブスクリプションをご購入ください。

5 FQDN

3,578ドル

今すぐ購入する

Tenable Lumin を試用する

Tenable Lumin で、サイバーエクスポージャー管理の視覚化と調査、経時的なリスク削減の追跡、同業他社とのベンチマークの実施が可能です。

Tenable Lumin トライアルには、Tenable Vulnerability Management と Tenable Web App Scanning も含まれています。

Tenable Lumin を購入する

営業担当者に連絡することで、Tenable Lumin がどのように組織全体のインサイトを獲得し、サイバーリスクを管理するのに役立つかをご確認いただけます。

無料で Tenable Nessus Professional を試す

7 日間無料

Tenable Nessus は、今日の市場で最も包括的な脆弱性スキャナーです。

新 - Tenable Nessus Expert
利用可能に

Nessus Expert にはより多くの機能が追加されています。外部アタックサーフェスのスキャン機能や、スキャン対象となるドメインの追加とクラウドインフラのスキャンなどが含まれています。Nessus Expert を試してみるにはここをクリック。

Nessus Pro のトライアルをお求めの場合、下のフォームに入力してください。

Tenable Nessus Professional を購入

Tenable Nessus は、今日の市場で最も包括的な脆弱性スキャナーです。Tenable Nessus Professional は、脆弱性スキャンプロセスの自動化を支援し、コンプライアンスサイクルの時間を節約し、IT チームの関与を可能にします。

複数年ライセンスをご購入いただくと割引が適用されます。拡張サポートを追加すると、24 時間x365 日、電話、コミュニティ、チャットサポートにアクセスできます。

ライセンスをお選びください

複数年ライセンスをご購入いただくと割引が適用されます。

サポートとトレーニングを追加

無料で Tenable Nessus Expert を試す

7 日間無料

最新のアタックサーフェス用に構築された Nessus Expert を使用すると、拡大された領域が可視化でき、IT やクラウド資産に潜む脆弱性から企業を保護できます。

すでに Tenable Nessus Professional をお持ちですか?
Nessus Expert にアップグレードすると、7 日間無料でご利用いただけます。

Tenable Nessus Expert を購入

最新のアタックサーフェス用に構築された Nessus Expert を使用すると、拡大された領域が可視化でき、IT やクラウド資産に潜む脆弱性から企業を保護できます。

ライセンスをお選びください

複数年ライセンスの場合、よりお求めやすい価格でご購入いただけます。

サポートとトレーニングを追加