Prompt Engineering For Threat Intelligence
Abstract
You've likely heard that Artificial Intelligence is transforming the world as we know it. Whether you are skeptical or enthusiastic, it is undeniable that every technological breakthrough brings both positive and negative consequences, along with new areas to explore and learn. One such domain is Prompt Engineering, a critical skill in optimizing the efficacy of large language models (LLMs). In this presentation, we will explore the fundamental concepts of Prompt Engineering and its usage in Threat Intelligence. As organizations wrestle with the daunting task of finding the appropriate talent, analysts and security professionals face mounting pressure due to the vast volume of data and increasingly sophisticated threats. AI emerges as a powerful solution, providing opportunities to streamline, enhance, and analyze information more effectively to better understand the threat landscape. We will kick off our discussion with an introduction to Prompt Engineering, exploring the techniques for crafting the ideal prompt, as well as potential pitfalls and issues. We will then present several case studies on Threat Intelligence, highlighting both the empowering aspects and the limitations of AI integration in security teams worldwide. Attendees will gain practical insights into how Prompt Engineering can be utilized to maximize the efficacy of Threat Intelligence initiatives while also being aware of potential challenges and limitations. The presentation will not simply sing the praises of Artificial Intelligence; instead, it will offer a constructive and practical approach to using these new tools for empowering security analysts around the world. At the end of the presentation you will have a clear understanding of how to use these tools not only to enhance your daily work but also to expand your application of AI across various domains.
Speaker Bio: Thomas Roccia is an experienced security and threat researcher with over 12 years of experience in the cybersecurity industry. He has held positions at leading security companies with a special focus on threat intelligence. Currently, Thomas is working as a Senior Security Researcher in the Microsoft Threat Intelligence Community. In addition to his work at Microsoft, Thomas also runs SecurityBreak, an online platform where he showcases his latest projects and research findings. As a global expert, Thomas has travelled the world to manage critical outbreaks and has been on the front lines of some of the most well-known threats. He has tracked cybercrime and nation-state campaigns and has worked closely with law enforcement agencies. In addition to his professional work, Thomas is a regular speaker at security conferences and is committed to contributing to the open-source community through various projects. He has run the Unprotect Project, an open malware evasion techniques database, since 2015 and is known for sharing his knowledge on social media.