⏱️ 09/16 (Sat.) 13:30-14:00 at R1 - 1st Conference Room
As the blue team on the defense side, we approach cybersecurity from a different perspective than the red team. Our considerations go beyond accuracy when handling large-scale data; we also prioritize compliance with government cybersecurity regulations, response time, and cost-effectiveness. Our team has long researched the use of machine learning automation in the investigation of large-scale cybersecurity incidents. We have integrated AI into various aspects of analysis, from endpoint event correlation and Cmdline analysis using CmdGPT to an AI virtual analyst that automatically generates forensic reports.
Starting last year, we introduced a new generation of large language models into our blue team AI assistant, enabling automated cybersecurity incident handling and case management. In this presentation, we will share our practical experience and exclusive insights on how cybersecurity teams can use AI effectively, and present real-life case studies.
Founder of CyCraft, with over 15 years of expertise in cybersecurity research, and actively engaged in Taiwan's cybersecurity technology community. Specializes in developing automated analysis systems, hacker activity analysis, malicious program analysis, and machine learning algorithms. Has presented professional cybersecurity research at various internationally renowned conferences such as Black Hat, DEFCON, SyScan, HITCON, FIRST, AVTokyo, HTICA, OWASP Asia, and iThome CYBERSEC. Skilled at delivering humorous and lively talks that impart cybersecurity knowledge.
A prominent serial entrepreneur in Taiwan's cybersecurity industry, he co-founded Taiwan's first startup dedicated to developing APT defense products in 2011 with Wu Ming-wei (Benson). In 2014, the company was recognized and acquired by an Israeli cybersecurity company listed on the NASDAQ. Currently, the CyCraft team focuses on the integration of artificial intelligence and cybersecurity technology.