Summary: GenAI can assist in Threat Response use cases by using Large Language Models to provide more context and to accelerate validation and triage.
Today Generative AI is good at:
- Translating alerts from one language to another.
- Generating summaries from existing data.
- Investigation guidance: providing helpful steps to begin detecting common types of known attacks.
- Helping write simple queries or scripts for automated workflows.

When they become good, then:
- Speed: help reduce MTTD for common attack types.
- Augment short-staffed security teams by offloading low-value tasks.
- How should I begin to detect advanced threats?
- Help write advanced threat investigation queries.
- Generate hypotheses and investigate previously unknown attacks.
- Help simulate diverse attack scenarios.