A rising trend in the generative AI landscape is the utilization of generative AI for cybersecurity. And Google is keen to be an early adopter in this sector. At the RSA Conference 2023, Google unveiled the Cloud Security AI Workbench. It is a cybersecurity suite driven by a specialized “security” AI language model called Sec-PaLM.
Google’s Sec-PaLM: Fine-tuned AI Model for Security Use Cases
Google’s Sec-PaLM, a derivative of their PaLM model, is fine-tuned explicitly for security applications. It encompasses security intelligence, such as research on software vulnerabilities, malware, threat indicators, and behavioral threat actor profiles.
AI-Powered Tools for Enhanced Cybersecurity
The Cloud Security AI Workbench offers an array of new AI-powered tools like Mandiant’s Threat Intelligence AI, which will harness the power of Sec-PaLM to identify, summarize, and act on security threats. VirusTotal, another Google subsidiary, will employ Sec-PaLM to aid subscribers in analyzing and deciphering the behavior of malicious scripts.
Google’s blog post highlights that Sec-PaLM is built on the foundation of years of AI research by Google and DeepMind, as well as the in-depth expertise of their security teams. The company is eager to continue leveraging generative AI to drive advancements in security for customers and the broader security community.
Google’s Bold Ambitions in Cybersecurity, but Questions Remain
While Google’s ambitions are audacious, the efficacy of Sec-PaLM remains unproven. Currently, the VirusTotal Code Insight, the first tool in the Cloud Security AI Workbench, is only available in a limited preview. While “recommended mitigations and risk summaries” seem beneficial, it’s unclear if the suggestions generated by the AI model are significantly better or more accurate.
AI language models, even the most advanced ones, can make errors and be vulnerable to attacks, such as prompt injection, causing unintended behavior. However, this hasn’t deterred significant tech companies from investing in generative AI for cybersecurity.
Microsoft Joins the Race with Security, Copilot
In March, Microsoft introduced Security Copilot. Copilot is a new tool that leverages generative AI models from OpenAI, including GPT-4. Like Google, Microsoft asserts that generative AI will better equip security professionals to tackle emerging threats.
Also Read: Microsoft Power Platform Copilot: No Coding Era Is Coming
Generative AI for Cybersecurity: Hype or Reality?
Studies on the effectiveness of generative AI for cybersecurity are scarce, so we have yet to see the true potential of this technology. The industry will need to closely monitor the developments and performance of tools like Google’s Cloud Security AI Workbench and Microsoft’s Security Copilot. For now, it’s wise to approach the claims made by Google and Microsoft with a healthy dose of skepticism.
Also Read: Google VS Microsoft: The Battle of AI Innovation
Our Say
Generative AI continues to make strides in various industries. Thus, the potential for its application in cybersecurity is an exciting prospect. However, the ultimate success of AI-driven cybersecurity solutions hinges on how well these tools can deliver on their promises. It also depends on how they demonstrate tangible improvements in detecting and mitigating security threats.
A 23-year-old, pursuing her Master's in English, an avid reader, and a melophile. My all-time favorite quote is by Albus Dumbledore - "Happiness can be found even in the darkest of times if one remembers to turn on the light."
