
For a long time, "artificial intelligence" has been a popular buzzword in the cybersecurity sector, boasting solutions capable of detecting suspicious network activities, rapidly understanding the situation, and assisting in incident response upon an intrusion. However, the most effective and reliable services so far have been machine learning algorithms designed to identify malware traits and other questionable network behaviors. Now, with the increasing availability of generative AI tools, Léargas Security has finally developed a service for security professionals that lives up to the hype.

A few weeks ago, Léargas introduced the integration of ChatGPT into the Léargas Security platform, a product that leverages ChatGPT and their own work on large language models. Léargas is now releasing the platform, which integrates system data and network monitoring from security solutions like Zeek, Suricata, Windows Event Logs, Syslog, Wazuh, OSSEC, Google Workspaces, AWS, Azure, Office365, Box, DUO, and OKTA, as well as many third-party services.

Léargas Security generates alerts, visually and textually represents network activities, and offers steps for potential investigations. As an analyst leverages Léargas Security to analyze a possible security incident, the platform keeps track of the history, allowing added team members to quickly catch up and review the progress made.

Primary Goals and Objectives:

  • Streamline complexity
  • Identify overlooked threats
  • Bridge the skill gap
  • Reduce overall cost

Léargas Security's capabilities encompass:

  • Rapid response to security incidents (in minutes)
  • Providing crucial step-by-step guidance and context
  • Summarizing processes or events swiftly
  • Real-time detection of potential threats
  • Predicting potential next moves of threat actors
  • Answering security-related inquiries
  • Introducing security researchers to new expertise

Léargas Security provides access controls that enable selective sharing of specific projects with certain colleagues, which is crucial when investigating potential insider threats. Additionally, Léargas Security serves as a round-the-clock monitoring support system. This ensures that even in the absence of an expert with a particular skillset during a shift or day, the system can offer fundamental analysis and recommendations to address any gaps.

For instance, if a team needs to promptly examine a potentially malicious network flow or software binary, Léargas Security can initiate the analysis, contextualize the behavior, and determine its possible objectives.

Want to know more? Take a test drive today!