
How AI continues to reshape the cybersecurity arsenal

As civilization advances, so does our reliance on an expanding array of devices and technologies. With each passing day, new devices, systems and applications emerge, driving a relentless surge in demand for robust data storage solutions, efficient management systems and user-friendly front-end applications. This rapid pace of technological evolution mirrors the exponential growth of the human population and our insatiable thirst for innovation and convenience.  

From smartphones and wearables to IoT devices and cloud infrastructure, the breadth and complexity of our digital ecosystem continues to expand at an unprecedented rate. This necessitates continuous adaptation and innovation across various verticals, from data management and cybersecurity to software development and user experience design. As we navigate this ever-evolving landscape, the need for scalable, agile and resilient solutions becomes increasingly paramount, ensuring that we can effectively harness the power of technology to address the challenges and opportunities of the modern world.  

As all of these areas move deeper into the digital era, the number of vulnerabilities and open doors grows with them: ways to bypass devices to reach the backend servers, manipulate data, exfiltrate information, compromise systems and harness the critical information spread across the deep and dark web. We all witnessed the recent WazirX breach, in which the cryptocurrency exchange lost $230 million in a major attack; the Disney leak, which revealed the financials, strategic information and PII data of employees and customers; and the Tencent breach of 1.4 billion user details. These incidents reinforced the need for cybersecurity that leverages artificial intelligence to generate stronger weapons for defending the ever-under-attack walls of digital systems.

Let’s talk about strengthening the four major pillars from an attacker’s perspective, as they form the core of any organization’s security.  

1. Source code analysis tools  

Static application security testing (SAST) is one of the most widely used cybersecurity tools worldwide. Yet, a common issue faced with almost all of them (including commercial ones) is a super-high number of false positives. These can be a real time-suck for secops personnel, causing them to invest time and energy into researching the fixes of those so-called critical bugs which may just be ‘low’ or ‘informational’ in many cases. This is primarily due to factors such as:  

Lack of real-life data  

The source code of most organizations is proprietary, and the tool itself is not allowed to collect any insights from it. Insights can be particularly useful, like which code snippet was falsely marked as vulnerable or which vulnerabilities were missed. The absence of real-life scenarios doesn’t let the tool evolve.  

Limited support of languages  

While programming languages keep evolving with new versions, upgrades and extensions, it is difficult for the OEMs of SAST to keep up with such progress. There is therefore a very limited number of languages supported, with even lower support for evolving packages.  

Non-curated solutions  

The most challenging but lucrative feature of a SAST can be to evolve as per the patterns of an organization’s code. Every organization follows some coding practices and guidelines. Also, most of them have a set of secrets, variables and redundant strings in the code. Having a SAST tool that identifies the common pattern of bugs in developer code and curates (let’s say) training sessions, or (even better) looks out for those vulnerabilities more thoroughly and with stricter rule sets, can very well prove to be a game-changer.  

With generative artificial intelligence (genAI) entering the arena, many practical applications, which seemed like a distant dream just a couple of years ago, are taking shape. SAST is no different. Many organizations have internally acknowledged the challenges listed above and started to integrate supervised learning models with their offerings. One such company is a large Indian bank with more than 5 million customers that was repeatedly getting half a million issues in code despite adjustments and tweaking of configurations in a popular commercial SAST tool. The bank rectified the issues by training a model that detects false positives in secrets detection, looks for workarounds and better understands the API integrations, ultimately reducing the false positives by 40% in two months. This drastically reduced the man-hours being spent on verification.

With a powerfully integrated AI model, the modern SAST can be expected to have: 

  • Company-specific rule sets and secrets detection. The model gets more refined and produces fewer false positives as it is used over time.
  • Inclusion of further programming languages, with the ability to be trained by developers of each organization with minimal effort.
  • Submission of insights learned from every model installed in every organization, getting better every day without collecting the proprietary code. 
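The feedback loop behind the first and third points can be sketched as follows. This is an added example, not code from the article or from any SAST product: a candidate-secret detector whose findings are re-scored by a small naive-Bayes-style model trained on analyst verdicts, using only coarse features so that no source code or secret value is stored in the model. All function names, paths, variable names and values are constructed for illustration.

```python
import math
import re
from collections import Counter

ASSIGN = re.compile(r'''(\w+)\s*=\s*["']([^"']{8,})["']''')  # name = "literal"

def entropy(s):
    return -sum(c / len(s) * math.log2(c / len(s)) for c in Counter(s).values())

def features(path, name, value):
    # Coarse features only: neither the code nor the value is kept in the model.
    feats = {"name:" + t for t in re.split(r"[_\W]+", name.lower()) if t}
    feats.add("dir:test" if re.search(r"(^|/)tests?/", path) else "dir:src")
    feats.add("entropy:high" if entropy(value) >= 3.5 else "entropy:low")
    feats.add("ws:yes" if " " in value else "ws:no")
    return feats

def train(history):
    # Count how often each feature appeared in true ("tp") and false ("fp") findings.
    seen, total = {"tp": Counter(), "fp": Counter()}, Counter()
    for path, name, value, verdict in history:
        total[verdict] += 1
        seen[verdict].update(features(path, name, value))
    return seen, total

def p_real(model, feats):
    seen, total = model
    logit = math.log((total["tp"] + 1) / (total["fp"] + 1))
    for f in feats:  # Laplace-smoothed likelihood ratio per observed feature
        tp = (seen["tp"][f] + 1) / (total["tp"] + 2)
        fp = (seen["fp"][f] + 1) / (total["fp"] + 2)
        logit += math.log(tp / fp)
    return 1 / (1 + math.exp(-logit))

def scan(path, source, model, threshold=0.5):
    return [n for n, v in ASSIGN.findall(source)
            if p_real(model, features(path, n, v)) >= threshold]

# Constructed triage history: (path, variable, value, analyst verdict)
HISTORY = [
    ("src/pay/client.py", "api_key", "k9Xv2LqP7mZr4TbW8sNd", "tp"),
    ("src/db/conn.py", "db_password", "Hq7!pR2#xV9mLs4z", "tp"),
    ("src/auth/jwt.py", "signing_secret", "aG93IGxvbmcgaXMgdGhpcw", "tp"),
    ("tests/test_pay.py", "api_key", "test-test-test-test", "fp"),
    ("tests/test_auth.py", "dummy_password", "passwordpassword", "fp"),
    ("src/ui/labels.py", "password_label", "Enter your password", "fp"),
    ("src/ui/labels.py", "key_hint", "Press any key to continue", "fp"),
]
# Constructed file content to scan
SAMPLE = 'stripe_api_key = "Zt4Qw9Lm2Xc7Vb5Nk8Jh"\npassword_hint = "Use at least 12 characters"\n'
```

With an empty history every candidate scores 0.5 and is reported; after training on the seven verdicts, only `stripe_api_key` in `SAMPLE` stays above the threshold, and the counts in the model are the only thing that would need to be shared between installations.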

2. Automated application scanning tools  

Again, a wide set of pen testing tools fall under this umbrella (both open source and commercial). These are sophisticated tools because of the number of tasks they need to execute and the technologies with which they need to be compatible to run smoothly. Some of the best automated security scanners have millions of lines of code and are always under development, receiving bug fixes and compatibility updates, since they need to keep up with ever-evolving technologies, platform advancements, language adaptations and security guidelines.

Modern-day automated application security scanners can perform logins, record macros, throttle requests based on server responses, identify vulnerabilities and exploit them via hundreds of different techniques. Yet, even if we run the same tool on 100 different applications, the tool hardly ‘learns’ from each test!

This is where AI is going to create an impact. With each application tested, the model will learn the mistakes developers are repeatedly making, gain the capability to bypass CAPTCHAs/firewalls, reduce noise by eliminating test cases that are impossible in the environment, tailor the payloads to suit the environment and, most importantly, learn from every assignment what was a false positive and what was missed. Further, we can train the model to generate graphs and pointers for management showing the most common vulnerabilities and their impact, based on their severity and the financial impact to the organization.

This massive shift in the dynamic application security testing (DAST) sector of cybersecurity will change the way the current tools work and generate reports. It can also change the complete development lifecycle, create a coding practice that everyone can adopt to keep the organization adequately secure, and evolve with the organization so that every advancement is made securely.

3. Red teaming weaponry  

Red teaming in cybersecurity represents a dynamic and comprehensive approach to assessing and enhancing an organization’s security resilience. It involves the simulation of sophisticated cyberattacks by skilled professionals, often referred to as red teams, who emulate the tactics, techniques and procedures (TTPs) of real-world adversaries. Unlike traditional security assessments that focus on identifying vulnerabilities and patching them, red teaming goes beyond by examining the effectiveness of an organization’s people, processes and technology in detecting and responding to cyber threats. 

Red teaming simulates a real-world attack that happens without boundaries and where the motive is not only to identify vulnerabilities but also to exploit them (or create a POC) and showcase the worst-case scenarios possible. Red team assessments encompass the activities of phishing, DDoS, session takeovers, client-side attacks, social engineering and more, which can often be missing in black and white box testing.  

Talking about the tools used in red teaming by different organizations across the globe, there are plenty of red teaming tools, and interestingly, most of the good ones are open source. Some tools help in lateral movement, mapping the directories/domains, privilege escalation, enumeration, or for any of the 2,000 possible attacks in red teams! 

Amalgamated with the capabilities of AI, we can expect the tools to bypass antimalware scan interface (AMSI) and antivirus tools with greater ease, owing to the capabilities to create custom bypass scripts. We can also expect tools with even stealthier approaches since detection simulation can be tasked to AI to continuously improve the ninja factor! Also, changing script signatures, juggling function names, smuggling data out of machines and tampering with logs creatively are some jobs that we can reliably delegate to AI.  

4. Reverse engineering tools  

In the realm of software, reverse engineering typically involves disassembling or decompiling executable code to extract information about its source code, data structures and algorithms. This practice is employed for various purposes, including understanding legacy systems, interoperability between different software components, identifying vulnerabilities and detecting malicious behavior. 

Reverse engineering has always been a neglected side for developers and a Swiss army knife for attackers. Uber was a victim of it in 2016 when their developers left access keys hidden in their code, which were then found by hackers after reverse engineering their mobile application. It resulted in a major breach disclosing the driver and rider details of 57 million users. 

Reverse engineering tools are used in the identification of application behavior to create mods, malware detection, feature enhancements and exploitations like overflows. Most of the commonly used tools in reverse engineering are free yet basic in terms of functionality and assistance. The challenge remains that every application has a different architecture and codebase and that no static universal rule can be created for hacker assistance.  

AI can be a game-changer by assisting in pattern detection to ascertain malware, applying breakpoints using best guesses on the behavior of the application, finding overflows and performing overflow simulation. AI-powered static and dynamic analysis tools can automatically identify functions, variables and control flow within binary code, helping reverse engineers to understand the behavior and structure of software applications more rapidly. By harnessing the power of AI, reverse engineers can accelerate the discovery process, uncover hidden insights and ultimately enhance their ability to understand and reconstruct complex systems more effectively.  

AI: The ultimate game-changer for security 

Artificial intelligence is a game-changer that can help increase the robustness of cybersecurity and enhance detection and response capabilities to a high level. These advancements are going to reduce the time taken by individuals in manual analysis and help in automating many functional processes. 

However, human interactions with such tools will remain a must, since logical errors, business-critical vulnerabilities, false positives, enhancing the models and reviewing each vulnerability will still require intelligent minds. 

Anurag Goyal is the head of cybersecurity for RedDoorz, a Singapore-based, technology-driven hotel management and booking platform with more than 3,20 properties in Southeast Asia. He is also a dedicated cybersecurity researcher and globally certified ethical hacker, boasting extensive experience fortifying the security posture of more than 100 prominent organizations worldwide, including such esteemed entities as the United Nations (UN), World Bank, Uber, Zomato, Dream11, FoodPanda, Ernst and Young (EY), HDFC Bank, Axis Bank, ITC Hotels, OYO and Lenskart, among others.



Category: News, October 1, 2024