Microsoft Security Response Center’s Post

We have three events left, with one happening today... Fundamentals of Responsible Generative AI: March 27, 2024 12:00PM - 1:30PM (Pacific) - https://lnkd.in/gE58ZDnd We hope you'll join us in the march to Copilot for Security GA. Once April 1st hits, we'll be digging directly into the details of Copilot for Security. #CopilotforSecurity #Cybersecurity #MicrosoftSecurity #Security #GenerativeAI

Machine learning algorithms have influenced computer security, such as for malware detection, vulnerability discovery, and binary code analysis. This paper identifies common pitfalls in the design, implementation, and evaluation of learning-based security systems. #machinelearning #security https://lnkd.in/g8XfeTaU

🤔 Would you trust an AI to assist with secure code review? 🤔 👉 Let me know, why or why not? I'm completing a capstone project for my Master's in Cybersecurity at Georgia Tech on integrating AI into secure code reviews, and I have created a short survey on the topic. I would love to hear your thoughts, and hear any stories of successes or failures for anyone who has tried this so far. ✨ If you have just a few minutes, please take the survey, and share with other members of the AppSec community. Thank you! Survey Link: https://lnkd.in/eP3DP_Bn

AI tools for coding are a double-edged sword. On one hand, they’re speeding up development like never before. On the other, they’re quietly introducing vulnerabilities that cybercriminals love to exploit. If you’ve ever lost sleep wondering about the security risks of AI-generated code, you’re not alone—it turns out a majority of cybersecurity professionals are right there with you. AI isn’t going anywhere, and banning it outright isn’t an option if companies want to stay competitive. However, not all AI tools are created equal. The real challenge now lies in identifying tools that prioritize security fundamentals over speed. Read the full story here: https://lnkd.in/dWD6fNXh

“What if I told you AI uncovered a vulnerability hiding in critical internet infrastructure for two decades?” Cybersecurity is evolving, and Google just showed us how. Using its AI-powered fuzzing tool, OSS-Fuzz, Google discovered 26 vulnerabilities in open-source code repositories—including a flaw in the OpenSSL library (CVE-2024-9143), a core component of the internet’s infrastructure. This bug had remained undetected for nearly 20 years, posing risks like crashes and remote code execution (RCE) attacks. What’s groundbreaking here isn’t just the discovery—how AI did it. OSS-Fuzz’s success comes from: 1. Contextual Precision: AI generates better prompts, reducing errors and improving detection. 2. Developer Emulation: It mimics a developer’s workflow, automating tasks like writing, testing, and triaging fuzz targets. This milestone proves AI’s potential to transform cybersecurity, uncovering vulnerabilities traditional methods might miss. OpenSSL has since been patched, but this is a clear call for cybersecurity professionals to embrace AI-driven tools to stay ahead. What’s your take on AI’s role in cybersecurity? Are you exploring it in your workflows, or do challenges remain? Let’s discuss how we can adapt to these advancements together. #CyberSecurity #AI #Google #OSSFUZZ

Completed another foundational GenAI course geared to explore the concepts. This course also explored the risks, common security threats, and concepts on how to keep data safe through data governance. Highly recommend for anyone looking to refine their skills on Generative AI and Data Privacy and Security.

It's not too late to register! Today at 1pm EST Ken Johnson shares our journey of leveraging Large Language Models (LLMs) for application security. 🔐 Discover how we're moving beyond traditional static analysis to find nuanced security issues in code. In this session, you'll learn about the challenges we have faced, the lessons we learned, and the innovative methods we've developed. 👉❓Bring your questions for the live Q&A after Ken’s presentation! Nov. 14 • 1pm EST 🔗 Register at https://lnkd.in/gBPSPmSC This webinar is part of a series titled AI-powered AppSec. Follow us here to stay up to date with our latest sessions from the series. #AI #Cybersecurity #LLM #ApplicationSecurity #Innovation

⚔️ The Power of Machine Learning in the Constant Battle with Hackers Picture this scenario: a digital duel where Qrator Labs stands as the guardian of our clients' resource availability, tirelessly countering the efforts of attackers plotting to orchestrate extended periods of downtime. Strategically, it all comes down to💰 money: our "move" is to force attackers to use the most expensive equipment and, perhaps more importantly, to apply high-level manual and intellectual skills. We aim to make their efforts cost more than the potential gains from a successful attack. However, we don't want to incur excessive costs ourselves, so we seek ways to automate our tasks. This is where machine learning comes in handy. How we use ML algorithms: ✏  We predict load (for example, to understand under what conditions the backend might fail) ✏  We determine whether an attack is actually occurring or if there's simply a surge of legitimate users ✏  We search for groups of visitors with particular properties (using either clustering or anomaly detection) to identify botnets 🧠 The Qrator Labs team is continuously refining advanced filtering algorithms with machine learning technologies at our disposal. This approach enables our filters to swiftly adapt and respond to new types of threats automatically, staying one step ahead in the ever-evolving landscape of cybersecurity. #CyberSecurity #DDoSProtection #MachineLearning #ML #QratorLabs #ThreatDetection #NetworkSecurity #AIinCybersecurity #AutomatedDefense #CyberAttacks #LoadPrediction #AnomalyDetection #CyberIntelligence #WebSecurity

Artificial intelligence (AI) in cybersecurity has been around for well over a decade, and in that time a lot has changed. Our new e-Book, Cybersecurity's AI Tidal Wave, will teach you how to ask critical questions when evaluating AI/ML-based cybersecurity solutions and help you make informed decisions that will enhance your security posture. https://lnkd.in/ga2y-2ju

Feeling overwhelmed by spam? Wish your inbox was a haven for relevant messages, not marketing madness?📧 There's a hero behind the clean inbox : Machine Learning(ML)! These clever algorithms learn to identify spam patterns and keep your precious time safe from unwanted emails.🛡️ But where do these powerful algorithms come from? That's where our team of expert developers come in! We craft and train these ML ninjas to keep your inbox sparkling clean.💻 Contact us today and let our developers build the perfect ML solution for your email needs!✨ 🌐devccelator.com ✉️info@devccelator.com 📞+46736614989 #Devccelator #MachineLearning #Technology #Innovation #ArtificialIntelligence #EmailProductivity #Cybersecurity