Sophos: ChatGPT can be a valuable ally for cybersecurity

Sophos has published research on how the cybersecurity industry can leverage GPT-3, the language model used by the now popular ChatGPT framework, as a co-pilot that can assist in neutralizing attacks .

Valuable ally

The new report titled “Applying AI Language Processing to Cyber ​​Defenses” focuses on projects developed by Sophos X-Ops using GPT-3 language models to simplify the search for illicit activity within datasets produced by security software, filter spam more accurately and speed up attack analysis conducted via LOLbin binaries (“living off the land”). “At Sophos, we’ve long viewed AI as an ally rather than an enemy to defenders, to the extent that we have made it a cornerstone of our technology, and GPT-3 is no different. The security community should pay attention not to only to the potential risks, but also to the possible opportunities presented by GPT-3,” said Sean Gallagher, principal threat researcher at Sophos.

A co-pilot for safety experts

Sophos then tested a new ChatGPT-based spam filter and found that the GPT-3-based one was significantly more accurate than other machine learning models. Finally, Sophos researchers were able to create a program to simplify the process of reverse engineering the command lines of LOLbin files – a notoriously difficult task but also essential for understanding these attacks and being able to block them in the future. “We have proven that, with a resource like GPT-3, we can simplify some really cumbersome processes and give back precious time to those who defend themselves. We are already working to integrate some prototypes into our products and we have made the results of the our efforts for those interested in testing GPT-3 in their own analysis environments.We are convinced that in the future GPT-3 could become a standard co-pilot for safety experts,” concluded Gallagher.