Red Blue Purple AI - May 2024
Over the course of the last year and a half, I've been working on a new course. My area of expertise is usually offensive security, but through my consulting, advising, and leadership roles, I've been exposed to almost every part of a security program. Not only have I had the tremendous opportunity to learn in many domains, but I've also had the luck to work at different organizations that are at various stages of their security program.
Shortly after the initial launch of ChatGPT 3.5, I caught the bug of being obsessed with generative AI.
Being similarly obsessed with both topics, cybersecurity and AI, I began to develop tools in private and then to build a talk on current generation AI and LLM helpers for security.
I gave that talk privately to a group of about 500 security professionals. Out of all the presentations in my career and having spoken all around the world, I think I got the most praise and feedback for that than any other.
So, I came home immediately and started building what I think is a one-of-a-kind course.
Red Blue Purple AI reverse engineers security programs, and security people's day-to-day needs. It maps these out in an easy-to-understand way and teaches security professionals how to supercharge their abilities.
Below is a high-level structure of the syllabus, but as some of the class is super secret sauce, most of the content will be covered live during the class.
By the end of the course the student should be well-prepared to apply the knowledge from the course to build their own world-class bots.
I am genuinely so ecstatic to launch this course and I am sincerely hoping that you all enjoy it as much as I am enjoying building it.
See you in Red Blue Purple AI.
Course Schedule:
- May 30th-31st , 9am-5pm MST
(Syllabus subject to change as the course is activley being developed and the AI landscape moves VERY fast)
Section 1 - LLMs for Power Users:
The class begins by giving away my homegrown tips and tricks for prompt engineering and building world-class LLM bots. My personal bot, SecGPT, has over 10,000 uses on the GPT store and is in the top 100 in the "research" category for OpenAI. It outperforms every other bot in the security realm by far, and I will teach the students how to make bots just like it for their purposes. This includes going over prompt engineering, common misconceptions about LLMs, configuration of key settings for security work, problem solving steps, and more.
Some Topics:
- Limitations of LLMs
- Problem solving for the human brain
- Problem solving with an LLM
- Point in time discussion of best models
- (BETA) Seed
- Agents and Cross Talk
- RAG
- API Basics
- Privacy
- Chain of Thought
Prompt Engineering for Security:
- System Instruction
- Temperature
- Context Windows and Tokens
- Structure
- Sampling
- Language
- Sub Training and Files
- Weird Machine Tricks
- Single Shot vs Multi-Shot
Section 2 - Breaking Down Security:
After diving into the environment around getting set up, we will begin to reverse engineer what components security programs have. We will split the domains of security into red, blue, and purple topics.
Section 3 - Red AI:
Some Topics covered:
- AI in internal and consultant based offensive security.
- Automation building via AI
- Phishing augmentation via AI
- Vulnerabilty Management augmented by AI
- Exploit dev and modification with AI
- Documentation and Reporting
- Tool Development
- Appsec analysis topics
Section 4 - Blue AI:
Some Topics covered:
- The Open and Closed Source Landscape
- SOC Duties and AI Helpers
- CTI Duties and AI Helpers
- Threat Hunting Duties and AI Helpers
- DFIR Duties and AI Helpers
Section 5 - Purple AI:
Some Topics covered:
- The Open and Closed Source Landscape
- Tabletopping
- Attack Simulation and Automation
- MITRE ATT&CK and Atomics
- Using AI for Security Program Maturity Assessment and Enhancement
- AI in Security Training: Customized Training Modules and Simulations, paved road integration and documentation
- Security Engineering and Product Security topics - Architecture, Configuration, Security as Code.
Section 6 - Silver AI:
Some Topics covered:
- Leadership and program management topics aided by AI
Section 7 - Future Tech:
- A conversation about capabilities on the horizon and how to be early adopters.