Why training LLMs with endpoint data will strengthen cybersecurity

Capturing weak signals across endpoints and predicting potential intrusion attempt patterns is a perfect challenge for Large Language Models to take on.
The goal is to mine attack data to find new threat patterns and correlations while fine-tuning LLMs and models.
Leading endpoint detection and response and extended detection and response vendors are taking on the challenge.
Enhancing LLMs with telemetry and human-annotated data defines the future of endpoint security.
Gartner predicts the endpoint protection platform market will grow from $14.45 billion today to $26.95 billion in 2027, achieving a compound annual growth rate of 16.8%. The worldwide information security and risk management market is predicted to grow from $164 billion in 2022 to $287 billion in 2027, achieving an 11% CAGR. VentureBeat recently sat down with Elia Zaitsev, CTO of CrowdStrike to understand why training LLMs with endpoint data will strengthen cybersecurity.
His insights also reflect how quickly LLMs are becoming the new DNA of endpoint security.
It's actually easier and less prone to hallucination to take a small purpose-built large language model or maybe call it a small language model if you will.
You can actually tune them and get higher accuracy and less hallucinations if you're working on a smaller purpose-built one than trying to take these big monolithic ones and make them like a jack of all trades.
We'll let the LLMs do some things, but then we'll also check the output.
We're ultimately basing the responses on our telemetry on our platform API so that there's some trust in the underlying data.
What you need is actually in many cases, a couple of thousand, maybe tens of thousands of examples, but needed to be very high quality and ideally what we call human-annotated data sets.
So as it turns out, because we've in many ways uniquely been investing in our human capacity and building up this high-quality human annotated platform data, we now all of a sudden have this goldmine this treasure trove of exactly the right kind of information you need to create these generative AI large language models, specifically fine-tuned to cybersecurity use cases on our platform.
It uses multiple LLMs, but it also uses non-LLM technology.
Zaitsev: The output that the user sees from Charlotte is almost always based off of some platform data.
We may take that data and then tell Charlotte to summarize it for a layperson.
Again, things that LLMs are good at, and we may train it off of our internal data.
The customer-specific data is not training into Charlotte, it's the general knowledge of vulnerabilities.
The customer-specific data is powered by the platform.
The LLMs get trained on and hold general cybersecurity knowledge, and in any case, make sure you're never exposing that naked LLM to the end user so that we can apply the validation.
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact.


This Cyber News was published on venturebeat.com. Publication date: Sat, 30 Dec 2023 00:43:05 +0000


Cyber News related to Why training LLMs with endpoint data will strengthen cybersecurity

The age of weaponized LLMs is here - It's exactly what one researcher, Julian Hazell, was able to simulate, adding to a collection of studies that, altogether, signify a seismic shift in cyber threats: the era of weaponized LLMs is here. The research all adds up to one thing: LLMs are ...
1 year ago Venturebeat.com
Cybersecurity Training for Small Businesses - The importance of cybersecurity training for small businesses cannot be overstated in today's increasingly digital world. In conclusion, cybersecurity training is essential for small businesses to protect themselves against cyber threats. There are ...
10 months ago Securityzap.com
6 Best Cybersecurity Training for Employees in 2024 - Cybersecurity awareness training programs are comprehensive, long-term products that show your workforce how to spot security threats and potential attacks. Cybersecurity training products typically offer informational videos, quizzes, and phishing ...
11 months ago Esecurityplanet.com
Why training LLMs with endpoint data will strengthen cybersecurity - Capturing weak signals across endpoints and predicting potential intrusion attempt patterns is a perfect challenge for Large Language Models to take on. The goal is to mine attack data to find new threat patterns and correlations while fine-tuning ...
11 months ago Venturebeat.com
Exploring the Security Risks of LLM - According to a recent survey, 74% of IT decision-makers have expressed concerns about the cybersecurity risks associated with LLMs, such as the potential for spreading misinformation. Security Concerns of LLMs While the potential applications of ...
11 months ago Feeds.dzone.com
The impact of prompt injection in LLM agents - This risk is particularly alarming when LLMs are turned into agents that interact directly with the external world, utilizing tools to fetch data or execute actions. Malicious actors can leverage prompt injection techniques to generate unintended and ...
1 year ago Helpnetsecurity.com
Cybersecurity Training for Business Leaders - This article explores the significance of cybersecurity training for business leaders and its crucial role in establishing a secure and resilient business environment. By examining the key components of effective training programs and the ...
10 months ago Securityzap.com
Fortinet Contributes to World Economic Forum's Strategic Cybersecurity Talent Framework - Shining a light on the cybersecurity workforce challenge, the World Economic Forum recently published its Strategic Cybersecurity Talent Framework, which is intended to serve as a reference for public and private decision-makers concerned by the ...
7 months ago Feeds.fortinet.com
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
2 months ago Aws.amazon.com
How to Safeguard Your Data Through Security Awareness Training? - As cybercriminals employ increasingly advanced tactics, IT security awareness training becomes a pivotal defense mechanism. This article delves deeper into the imperative of such training and provides actionable tips to enhance the effectiveness of ...
8 months ago Cybersecurity-insiders.com
Mastering Cybersecurity: Developer Training - Discover how to create an effective and engaging training program for your developers. Create a security training program with clearly defined goals to influence your developers to prioritize learning. Developers are likelier to participate and exert ...
11 months ago Feeds.dzone.com
Unified Endpoint Management: What is it and What's New? - What began as Mobile Device Management has now transitioned through Mobile Application Management and Enterprise Mobility Management to culminate in UEM. This progression underscores the industry's response to the ever-growing challenges of modern IT ...
1 year ago Securityboulevard.com
Researchers Uncover Simple Technique to Extract ChatGPT Training Data - Can getting ChatGPT to repeat the same word over and over again cause it to regurgitate large amounts of its training data, including personally identifiable information and other data scraped from the Web? The answer is an emphatic yes, according to ...
1 year ago Darkreading.com
Student Cybersecurity Clubs: Fostering Online Safety - Student cybersecurity clubs are playing a crucial role in promoting online safety among students. Student cybersecurity clubs play a vital role in this regard, as they provide a platform for students to learn about the latest threats, share best ...
11 months ago Securityzap.com
What the cybersecurity workforce can expect in 2024 - For cybersecurity professionals, 2023 was a mixed bag of opportunities and concerns. The good news is that the number of people in cybersecurity jobs has reached its highest number ever: 5.5 million, according to the 2023 ISC2 Global Workforce Study. ...
11 months ago Securityintelligence.com
OWASP Top 10 for LLM Applications: A Quick Guide - Even still, the expertise and insights provided, including prevention and mitigation techniques, are highly valuable to anyone building or interfacing with LLM applications. Prompt injections are maliciously crafted inputs that lead to an LLM ...
8 months ago Securityboulevard.com
Understanding CAT Culture in Cybersecurity: Collaboration, Awareness, and Training - In the dynamic and ever-evolving landscape of cybersecurity, organizations are increasingly recognizing the importance of fostering a robust security culture to mitigate risks and safe-guard sensitive data. One such approach gaining traction is the ...
8 months ago Cybersecurity-insiders.com
How to become a cybersecurity architect - Cybersecurity architects implement and maintain a comprehensive cybersecurity framework to protect their company's digital assets. The cybersecurity architect position is a fundamental role that all organizations need, said Lester Nichols, director ...
5 months ago Techtarget.com
Google Researchers Find ChatGPT Queries Collect Personal Data - The LLMs are evolving rapidly with continuous advancements in their research and applications. Recently, cybersecurity researchers at Google discovered how threat actors can exploit ChatGPT queries to collect personal data. StorageGuard scans, ...
1 year ago Cybersecuritynews.com
The Future of Phishing Email Training for Employees in Cybersecurity - One common method they use is through phishing emails. To counter this changing threat, companies must give importance to providing phishing email training for employees on identifying and responding properly to phishing attempts. Standard training ...
7 months ago Hackread.com
African Organizations Aim to Fix Cybersecurity in 2024 - Faced with numerous cybersecurity threats and challenges, but lacking adequate cyber training, African nations hope to develop the depth of skills needed to defend against attackers in 2024. In December, for example, the University of Lagos, the ...
11 months ago Darkreading.com
Navigating an AI-Enhanced Landscape of Cybersecurity in 2024: A Proactive Approach to Phishing Training in Enterprises - As we stand at the precipice of 2024, the intersection of artificial intelligence and cybersecurity looms large, with phishing attacks emerging as a focal point of concern. The integration of AI is poised to redefine the threat landscape, introducing ...
1 year ago Securityboulevard.com
Growing threats outpace cybersecurity workforce - The cybersecurity skills shortage threatens the well-being and even survival of numerous businesses as cybersecurity threats grow more numerous, sophisticated, and dangerous to the point that cybersecurity groups have vowed not to pay ransom demands. ...
10 months ago Legal.thomsonreuters.com
Digital Learning Tools for Cybersecurity Education - In the field of cybersecurity education, digital learning tools have become indispensable. This article explores various digital learning tools tailored specifically to cybersecurity education. These digital learning tools play a crucial role in ...
11 months ago Securityzap.com
The Power of Endpoint Telemetry in Cybersecurity - Cisco - By filtering out unwanted data, this telemetry reduces noise and offers clear visibility into endpoint activities, including processes, parent-child process relationships, triggered events, files and network activity, whether malicious or benign. ...
2 months ago Feedpress.me

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)