Keynote : AI & Future Of Offensive Security
0 likes338 views
The document discusses the challenges of traditional penetration testing and highlights the role of AI in offensive security. It outlines various AI use cases for enhancing security testing, including malware generation and attack simulations, along with the introduction of AI-powered malware such as 'Blackmamba.' The goal is to shift from proactive to continuous automated testing and red teaming to better defend against constantly evolving cyber threats.
Keynote : AI & Future Of Offensive Security
- 1. AI & Future of Offensive Security FireCompass Technologies Inc. www.firecompass.com Arnab Chattopadhyay, Chief Research Officer Nirmal Kumar, VP – Sales
- 2. Only 10% of assets covered in a single pentest Pentest done yearly/quarterly VS 2200 #Attacks / Day / IP Organizations Pentest some of the assets some of the time Hackers attack all of the assets all of the time *
- 3. AI Use Cases for Security Testing ● Malware Generation and Analysis ● Adversarial Attack Simulation ● Phishing Email Generation ● Attack Payload Generation ● Synthetic User Behavior Creation ● Password Cracking ● Autonomous Attack Path Generation ● Deepfake Image Creation ● Firewall Rule Testing ● Incident Response Training ● Content Filter Testing ● NLP for Threat Intelligence ● Security Policy Validation ● Security Documentation Review
- 4. New class of Threat - AI Powered Malware AI Powered Malware Evasion Techniques Dodge Sandbox Adapt to Environment Using previous Data New Malware Variants Anti Reversing Autonomous Smart Decisions Eliminating C2 Execute machine-speed Targeted attack Cross platform AI against AI Adversarial attack Poisoning data Steal valuable data Model stealing Bio-inspired and Swarm intelligence Bio Inspired Evolvable malware Swarm based intelligence Mutating malware
- 5. BlackMamba
- 6. BlackMamba - an AI powered malware AI-synthesized, polymorphic keylogger with on-the-fly program modification BlackMamba comprises two main components. First: Python-compiled, executable consisting of two functions and a few imports (benign component) Second: Polymorphic payload that is generated and executed at runtime, consisting of the malicious keylogging functionality
- 7. BlackMamba - Prompt Engineering
- 8. BlackMamba - Polymorphic Code Generation and Execution
- 9. BlackMamba - Data Exfiltration using MS Teams
- 10. Use AI as Hackers would…. augment your classical Security Testing with AI * Don’t bring a knife to a gun-fight
- 11. Continuous Pentesting Continuous Red Teaming External Attack Surface Management (EASM) Know Your Attack Surface Before Your Adversary Does
- 12. Why Traditional Pen Testing/Vulnerability Management Fails? Organizations Pen Test Only Partial Asset Inventory Most organizations only pentest 10-20% of their crown jewel assets. Whereas attackers are gaining initial access through the 80% peripheral assets. Organizations Pen-Test Yearly/Quarterly; Hackers Attack Continuously 40% of new CVEs have exploits available within 24 hours Hacker’s don’t wait for the yearly pen test cycle Pen-Testing Is Largely Manual, Costly & Time Consuming And we have severe talent shortage
- 13. Mission Stay ahead of hackers.. AI based Platform for Automated Pen Testing, Red Teaming & NextGen Attack Surface Management
- 14. NextGen Attack Surface Management ● Discover shadow assets in near real time ● Combine Active and Passive recon to eliminate False Positives
- 15. AI based Pen Test: Run complex multi-stage attack paths at scale ● Automate Multi Stage Attack Trees ● Safe penetration testing ● No false positives
- 16. AI based Red Teaming: Test Your Security Control Effectiveness Against Specific Adversarial Goals ● MITRE based attacks for emulating various Red Teaming objectives ● Test security control effectiveness
- 17. AI + Humans: Pen Test as a Service (PTaaS) To Reduce False Positives, Complexity and Cost ● Eliminate false positives ● Supervised and safe exploitation ● Prioritized risks with proof of exploitation
- 18. Recognized as a Leader by Gartner, Forrester & IDC in 30+ Analyst Reports • 15 Gartner reports • 3 Gartner Hype Cycles • Notable Vendor in Forrester • IDC Innovators • Leader in 2023 GIGAOM Radar • RSAC 365 Innovation Showcase
- 19. Trusted by Fortune 500 Customers & Backed by Top VCs “The tool has exceeded our expectations in identifying numerous domains and subdomains that are shown as public, but should be private.” Top 5 Telco in USA ● Top 3 global Telecom ● Top 10 IT Companies ● Top 100 Manufacturing firms ● Mid-sized Automobile Companies ● Mid-sized Banks and Financial Services Investors