Artificial Intelligence & Machine Learning, Governance & Risk Management, Next-Generation Technologies & Secure Development

Generative AI: A Game Changer for Blue Teams

Mandiant's Nader Zaveri on AI-Driven Defense Tactics
Nader Zaveri, senior manager - incident response and remediation, Mandiant

With the unveiling of ChatGPT in late 2022, security leaders anticipated a bigger influx of phishing campaigns and ransomware attacks, but this surge has not yet been observed. Nader Zaveri, senior manager of incident response and remediation at Mandiant, likened it to the Nigerian prince email scam that is designed to deceive only a select few. "If you are able to discern that it is a fake email, that's not the target audience," he said.

But ChatGPT has enabled threat actors to advance their techniques for other malicious activities, mainly deepfakes, which require a lot more human interaction. Such attacks, Zaveri said, could be countered by blue teams, with less skilled individuals using generative AI to create and analyze code more effectively.

"There are still things out there - what they call prompt poisoning attacks - where attackers can trick AI into trying to create its code. But if you are somebody who is not skilled at coding, asking the generative AI platforms to create pieces of code - that's something the blue team is able to do a lot better," he said.

In this video interview with Information Security Media Group at the Cybersecurity Implications of AI Summit: North America West, Zaveri also discussed:

  • The role AI plays in enhancing blue team capabilities;
  • How generative AI aids in threat detection and response;
  • Best practices for detecting and mitigating deepfake threats.

Zaveri has more than 15 years of experience in IT security, infrastructure and risk management domains. He has led hundreds of incident response and remediation investigations related to on-premises or cloud-based incidents and helped investigate elusive threat actors such as nation-states.

About the Author

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.
