Supercharge security with generative AI
Key Takeaways
Explains how to supercharge security with generative AI
Full Transcript
[Music] hi everyone my name is Umesh chunker I'm the chief technologist here at Google Cloud security and I'm excited to talk to you today about work we've been doing in the area of generative AI we're going to cover a number of areas here today we're going to go through a brief history of innovation of AI in the generative space here at Google we're going to talk about key security challenges that we face as an industry and how AI could help with those we're going to talk about how we've been infusing AI into all our products and we're going to talk about a custom AI model that we've developed here in the cloud Security Group and how we're going to make that model available through a security AI platform and finally we're going to conclude by talking about some next steps I'm going to take now if you're like most of our audience what do you think about the year 2017 you think isn't that the year that Harry Styles releases debut solo album yes yes it is but it turns out over in the world of machine learning other exciting things are happening at the same time Google research released a paper then called attention is all you need which introduced the Transformer architecture to machine learning by being able to reason about words using the context in which they appeared we were able to make immediate and dramatic gains in machine translation what was hard to predict is that this architecture would spark a revolution in AI with large language models that had a broad set of abilities such as generating content and logical reasoning as well since that 2017 paper Google has led a number of foundational advances Bert led to significant improvements in Google search quality Lambda was a Leap Forward in conversation quality and was the basis for the barred chatbot that many of you might be familiar with and the Palm 2 model we recently introduced at Google I O made big steps in multilingual capabilities reasoning and coding tasks so what does all this have to do with security let's take a look at three long-standing big challenges we face in the industry in some ways we think AI can make a big difference in the world of medicine there's a concept of patient zero the first person infected with a novel disease in security we have a similar concept the first user or organization hit with the novel compromise today can be an overwhelming challenge for people to keep up with the evolving threat landscape even if you know all the threats knowing what to do and doing it isn't easy so we asked ourselves what if we could prevent patient ones if we could use AI to take what we learn in real time from that first compromise and operationalize that to protect everyone else let's go to our second category toil if we're being honest the practice of security can feel like trying to stay on a treadmill that goes faster and faster every day and most of the people who do security aren't security Specialists there are software Engineers sres I.T admits database events they're people whose main job is not doing security and even experts often end up doing repetitive or manual tasks leaving them with little time to focus on more complex and interesting problems that only they can tackle this is a big cause of burnout in the industry as well it's something we spend a lot of time thinking about so we asked ourselves What If instead we could build systems that secure themselves that when you want to deploy a new piece of software or setup we're able to automatically generate the right security policy to go along with that that eliminates enormous amounts of manual work to just figure out what is the right change to make and finally let's turn our attention to the tally Gap we know in our industry there's a gap of millions of jobs compared to the number of skilled people who are available to fill them we think AI can make non-specialists productive much more quickly with the skills they already have and help them climb the learning curve to expertise much more quickly we're already building features in our products to tackle each of these challenges virus total today with its code inside feature is able to analyze previously unseen Power Cell scripts to explain and assess them using generative AI it was able to classify some scripts as risky as well as or better than existing AV engines for each analytics for chronicle takes indicators and other markers from known breaches including those happening in real time and operationalizes those to detect the same activity elsewhere our assured open source offering lets customers get curated scanned securely built versions of OSS packages helping to mitigate software's abuse security supply chain risk we are using AI to detect previously unknown vulnerabilities more scalably duet AI for manual threat intelligence is able to synthesize and summarize relevant threat intelligence and make it digestible by a range of audiences saving lots of manual analysis and compilation duet AI for chronicle lets users who are not familiar with the domain-specific udm schema language write natural language search queries like show me which Windows machines used RDP or VNC in the last month and how to generate the exact search query that you need to do that this can be a big time saver for experts as well giving them a starting query that they can then refine by hand authoring detections in chronicle is also going to benefit from AI authoring detections can be challenging and require lots of iteration to get right being able to have a good starting point for natural language and being able to use the conversational AI features to continually refine those detections is something we think is going to save people time and lead to better detection quality and finally duet AI for security Command Center enhances our attack path simulation capability which shows possible ways your sensitive resources might be accessed by adding a plain language explanation and summary of the sometimes complex graph data that you have to process now to do these things well you need a security specific model one that speaks security natively and we discovered this because we try general purpose models first and we found they didn't always perform as well as we would like on these security tasks for example security specific languages aren't always well represented in general purpose model training sense beyond that a lot of important security data just isn't on the public internet which is where a lot of training data comes from so we combined both public security resources and the incredibly Rich threat intelligence data we've compiled across Google and mandion to fine-tune a model aimed at solving security tasks specifically in 2022 Mandy had conducted over a thousand incident responsing agents this gives us world-class Frontline intelligence visibility to capture new threats as they unfold Beyond these engagements we have hundreds of threat analysts looking for and tracking behaviors by Bad actors we also analyzed millions of potentially malicious artifacts a day all of this gives us a strong data foundation on which to train our model SEC palm-2 is a descendant of Google's General Palm 2 model which we recently introduced at Google I O Google is continually developing more powerful Foundation models like Palm 2 and will evolve SEC Palm to take advantage of those models as they become available as well you already saw some ways we're using SEC Palm to build Innovative features to tackle the problems of threats to oil and talent now we're making this model available by a security AI workbench the core of which is sec palm-2 vertex AI is Google Cloud's AI platform and we leverage the easy to use generative AI apis that were recently introduced by building on vertex you get Enterprise grade controls for data protection compliance and sovereignty you get access to Google's custom-built AI chips tpus or tensor processing units and you get management friendly features like identity integration scale delivery and slos it's the same platform we're using to build our own AI powered product features of course all this wouldn't be nearly as exciting if you made it just for ourselves customers will be able to use workbench for internal use cases as well as developing product features of Their Own the API is particularly well suited to three kinds of atomic tasks summarization classification and generation summarization is a key capability when trying to make sense of large volumes of security data and making it digestible for a variety of audiences something that often takes a lot of manual effort classification in the security context is often about detecting potentially risky or malicious activity or artifacts and explaining the reasons behind that decision and generation is valuable when working with formats like security policy or query languages when you want to generate the right snippet to capture a higher level intent this is something that people often struggle to do manually of course a big part of the value of large language models is their ability to stitch all of this together and to present a conversational interface on top of those capabilities we think this is particularly valuable in the security space where information can be spread across many different systems and has to be synthesized in order to make sense of it we know in all this that privacy is top of mind for many of our customers it's important to know that the prompts that you give to the API don't get logged or fed back into the training set for the model we think extensibility is key to making the workbench maximally useful it's important to let customers tap into their own data seamlessly and to connect to other security apis like threat intelligence from our partners to do this we're planning to enable a plug-in model for the SEC palm2 API which will allow secure API connections to the data at inference time keeping all the platform data Protections in the process you'll be able to do this without leaving your compliance boundary plugins can be private to a single customer or made available for other customers to use through a Marketplace we'll continue to extend the SEC palm-2 model to cover additional security specific languages that are necessary to interpret security data that our customers find important or that these plugins provide we've seen a lot of interest in the industry from our partners and customers since we introduced this model of the RSA conference in April this year we're now starting to work with some early Partners to build and extend the workbench ecosystem it's important to emphasize that this is just the start of a long and exciting Journey we're all very excited here to see the Innovative applications all of you come up with if you're interested to learn more about what we're doing with generative AI check out our website at cloud.google.com security AI again for joining me here today and I hope you enjoy the rest of the sessions here at the Google Cloud security Summit foreign [Applause] [Music]
Original Description
Recent advances in artificial intelligence (AI), particularly in large language models (LLMs), accelerate our industry’s ability to help the people responsible for keeping their organizations safe. In this session, we’ll show how Google Cloud Security AI Workbench, our industry-first platform powered by a specialized security LLM, enhances our security portfolio to address three top security challenges: threat overload, toilsome tools, and the talent gap.
SECBO10
#GoogleCloudSummit
Watch on YouTube ↗
(saves to browser)
Sign in to unlock AI tutor explanation · ⚡30
Playlist
Uploads from Google Cloud · Google Cloud · 0 of 60
← Previous
Next →
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
Top 3 ways organizations are adjusting their cloud strategies to prepare for economic uncertainty
Google Cloud
Google Cloud Retail Search and Browse Console deep dive
Google Cloud
Google Cloud Backup and DR - How to mount, clone or restore a VMware VM
Google Cloud
Google Cloud Backup and DR - VMware vSphere Backup Overview
Google Cloud
Google Cloud Backup and DR - Creating backup Plans for VMware VM backups
Google Cloud
Google Cloud Backup and DR - Compute Engine Instance Backups and Sole Tenant Nodes
Google Cloud
Google Cloud Backup and DR - Managing Service Accounts
Google Cloud
Let’s solve for what’s next
Google Cloud
Google Cloud Executive Briefing Center | Cloud Space | Silicon Valley
Google Cloud
Tinyclues with Google Cloud offers CRM Intelligence to maximize conversions
Google Cloud
Aible partners with Google Cloud helping customers build predictive models within minutes
Google Cloud
TELUS streamlines big data ingestion with help from Google Cloud and Accenture
Google Cloud
Getting started with Apigee API Management
Google Cloud
Google Cloud Retail Search
Google Cloud
Building your first API proxy with Apigee
Google Cloud
Brands and agencies develop dynamic video ads with Connected-Stories NEXT and Google Cloud
Google Cloud
Redefining the transportation industry
Google Cloud
Google Cloud Project Katalyst
Google Cloud
Israel's Family Court: Creating more compelling experiences for its citizens
Google Cloud
Tausight partners with Google Cloud to help healthcare industry protect PHI activity & take action
Google Cloud
Google Cloud Retail Browse
Google Cloud
Verifying API keys and debugging your API proxy flow
Google Cloud
Getting started with Apigee API Management
Google Cloud
Adding policies to your APIs
Google Cloud
Google Cloud Backup and DR - Configuring Google Cloud VMware Engine to work with Backup and DR
Google Cloud
Topaz Subsea Cable
Google Cloud
Episode 29: Building a culture of data literacy with Latin America’s biggest ecommerce platform
Google Cloud
Weshalb Datananalysten die Sparringspartner von Produktmanagern sein sollten
Google Cloud
Warum und wie METRO eine Machine Learning-Pipeline implementiert hat
Google Cloud
Wie nutzt METRO Data Science, um geschäftliche Herausforderungen zu meistern?
Google Cloud
Google Cloud in Qatar. Let's get solving.
Google Cloud
Google Cloud for Qatar
Google Cloud
Doha has a new Google Cloud region
Google Cloud
The new Google Cloud region in Qatar
Google Cloud
Build, tune, and deploy foundation models with Vertex AI
Google Cloud
Generative AI on Google Cloud
Google Cloud
Who will be coming to Google Cloud Day Tel Aviv? #Shorts
Google Cloud
Protect your organization at the edge
Google Cloud
Google Cloud Backup and DR Alert Notifications setup
Google Cloud
Build, tune, and deploy foundation models with Generative AI Support in Vertex AI
Google Cloud
Where the Internet Lives: Data center on the prairie
Google Cloud
Which developer program are you joining?
Google Cloud
Lufthansa Group baut intelligente Systeme zur Vereinfachung des Flugbetriebs
Google Cloud
How ASML revived Moore's Law and remade chipmaking
Google Cloud
CMO of Unity celebrates Women's History Month
Google Cloud
Vint Cerf on Google Cloud Digital Leader
Google Cloud
Mobile World Congress 2023
Google Cloud
Topaz - Canada
Google Cloud
Google Data Cloud & AI Summit 2023: Reveal opportunities to transform your business
Google Cloud
Building a conversational bot with Google Cloud Gen App Builder
Google Cloud
Elisa Polystar and Google Cloud partner to bring the power of analytics and automation to CSPs
Google Cloud
Network modernization - how can CSPs start now?
Google Cloud
How Semios uses imported and remote models for inference with BigQuery ML
Google Cloud
Deliver your AI solutions up to 100 times faster with Google Cloud partner, Snorkel AI
Google Cloud
Capture consumer perspectives for CPG using NLP and analytics with Harmonya and Google Cloud
Google Cloud
Delivering Cloud-Native Network Transformation
Google Cloud
Proactively detect & investigate anomalies & data quality issues in BigQuery with Telmai
Google Cloud
Introducing AlloyDB Omni
Google Cloud
Episode 30: How Auto Trader transitioned to the cloud to analyze tricky customer data
Google Cloud
MongoDB Atlas on Google Cloud
Google Cloud
Related Reads
📰
📰
📰
📰
Meet “Miss GPT”: The Polite Face of Confident Misinformation
Medium · LLM
Open-Weight LLM API Integration: A Practical Guide for Developers
Dev.to AI
A 26Million Parameter Model That Can Call Your Tools Without Waking the Cloud
Medium · Data Science
A 26Million Parameter Model That Can Call Your Tools Without Waking the Cloud
Medium · LLM
🎓
Tutor Explanation
DeepCamp AI