Generative AI is taking the IT security industry by storm. Every vendor has a story to tell about new use cases or how they are incorporating generative AI and large language models (LLMs) into their security offerings, including Microsoft and Google. Generative AI and LLM training are multimillion-dollar endeavors. Although ChatGPT is frequently discussed, it is only useful today in the security space because of constraints placed on it, including no access to the live Internet and safety tuning. However, security practitioners live very much in the now, with zero-day threats and an endless flow of new threats, tactics, and techniques. Connecting generative AI to the local enterprise data store and allowing access to the Internet are necessary to realize the full potential of this revolutionary technology. Leading security providers are doing just this by allowing Internet access, providing APIs to their security-specific generative AI solutions, and training the LLMs against their vast troves of security intelligence. Therefore, it is appropriate for forward-leaning security services providers and enterprise security leaders to think about the role of generative AI in a security operations center (SOC), including infusing tools and processes with this powerful capability.
Full opinion : How to Put Generative AI to Work in Your Security Operations Center.