SlideShare a Scribd company logo

[DSC Europe 23][AI:CSI] Dragan Pleskonjic - AI Impact on Cybersecurity and Privacy

/

1 of 36
Download to read offline
Copyright © 2023 Dragan Pleskonjic. All rights reserved.
AI Impact on
Cybersecurity and Privacy
∑∏ vSOC
Copyright © 2023 Dragan Pleskonjic. All rights reserved.
Visit
inpresec.com | glog.ai | securitypredictions.xyz
to learn more
Copyright © 2023 Dragan Pleskonjic. All rights reserved.
Dragan Pleskonjić
Senior Director Application Security at global international company
Rich experience in creating and managing start-ups, new businesses
development
Leading management positions in multinational corporations
Expertise in information security, computer software and networks
Prolific academic career: Adjunct Professorship, author of books, scientific
papers and journal articles
Scientific and security leader, researcher, advisor, architect
Inventor with U.S. patents granted and several patent applications pending
(USPTO, CIPO, EPO, WIPO)
Entrepreneur, leader, motivator, visionary
Current focus: Initiator and founder of projects INPRESEC, Glog.AI, Security
Predictions and vSOC
Personal Website | LinkedIn | Twitter
https://www.dragan-pleskonjic.com/
Copyright © 2023 Dragan Pleskonjic. All rights reserved.
Vladimir Jelić
Senior Manager Application Security at global international company
In his current role, he participates in application security efforts on a global organization level.
His work includes Software Security Assurance (SSA), Static Code Analysis (SCA), work with
Static Application Security Testing (SAST) and Software Composition Analysis (SCA) tools,
automation of processes, and overall collaboration with software development life cycle (SDLC)
participants.
He is focused on cyber security and software security solutions aided by machine learning and
artificial intelligence.
Prior current role, Vladimir has ten years of experience in software development roles.
Copyright © 2023 Dragan Pleskonjic. All rights reserved.
From Cybersecurity
to Cyber Resilience
Cyber risk isn’t just
a technical
problem, it’s also a
financial problem!
Source:
https://partners.wsj.com/resilience/cyber
-strong/from-cybersecurity-to-cyber-
resilience/
Copyright © 2023 Dragan Pleskonjic. All rights reserved.
Copyright © 2023 Dragan Pleskonjic. All rights reserved.
Agenda
What is AI & current state
How AI can be misused for cybersecurity
attacks
Use AI to defend information systems and
networks
Future concerns and opportunities
Examples of cybersecurity solutions aided by
ML & AI

Recommended

AI: The New Player in Cybersecurity (Nov. 08, 2023)
AI: The New Player in Cybersecurity (Nov. 08, 2023)AI: The New Player in Cybersecurity (Nov. 08, 2023)
AI: The New Player in Cybersecurity (Nov. 08, 2023)Takeshi Takahashi
 
[DSC Europe 23] Shahab Anbarjafari - Generative AI: Impact of Responsible AI
[DSC Europe 23] Shahab Anbarjafari - Generative AI: Impact of Responsible AI[DSC Europe 23] Shahab Anbarjafari - Generative AI: Impact of Responsible AI
[DSC Europe 23] Shahab Anbarjafari - Generative AI: Impact of Responsible AIDataScienceConferenc1
 
Artificial Intelligence In Cyber Security - A Review
Artificial Intelligence In Cyber Security - A ReviewArtificial Intelligence In Cyber Security - A Review
Artificial Intelligence In Cyber Security - A ReviewCourtney Esco
 
Top Positive and Negative Impacts of AI & ML on Cybersecurity
Top Positive and Negative Impacts of AI & ML on CybersecurityTop Positive and Negative Impacts of AI & ML on Cybersecurity
Top Positive and Negative Impacts of AI & ML on CybersecurityPixel Crayons
 
ARTIFICIAL INTELLIGENCE IN CYBER SECURITY
ARTIFICIAL INTELLIGENCE IN CYBER SECURITYARTIFICIAL INTELLIGENCE IN CYBER SECURITY
ARTIFICIAL INTELLIGENCE IN CYBER SECURITYCynthia King
 
Artificial Intelligence in cybersecurity
Artificial Intelligence in cybersecurityArtificial Intelligence in cybersecurity
Artificial Intelligence in cybersecuritySmartlearningUK
 
Whitepaper Avira about Artificial Intelligence to cyber security
Whitepaper Avira  about Artificial Intelligence to cyber securityWhitepaper Avira  about Artificial Intelligence to cyber security
Whitepaper Avira about Artificial Intelligence to cyber securityGopiRajan4
 
Role of artificial intelligence in cyber security | The Cyber Security Review
Role of artificial intelligence in cyber security | The Cyber Security ReviewRole of artificial intelligence in cyber security | The Cyber Security Review
Role of artificial intelligence in cyber security | The Cyber Security ReviewFreelancing
 

More Related Content

Similar to [DSC Europe 23][AI:CSI] Dragan Pleskonjic - AI Impact on Cybersecurity and Privacy

Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?
Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?
Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?PECB
 
Artificial intelligence and machine learning: ultimate game changers
Artificial intelligence and machine learning: ultimate game changersArtificial intelligence and machine learning: ultimate game changers
Artificial intelligence and machine learning: ultimate game changersITrust - Cybersecurity as a Service
 
How is ai important to the future of cyber security
How is ai important to the future of cyber security How is ai important to the future of cyber security
How is ai important to the future of cyber security Robert Smith
 
State of AI Report 2023 - Air Street Capital
State of AI Report 2023 - Air Street CapitalState of AI Report 2023 - Air Street Capital
State of AI Report 2023 - Air Street CapitalAI Geek (wishesh)
 
Identifying a Cyber Security Platform that will maximize your investment for ...
Identifying a Cyber Security Platform that will maximize your investment for ...Identifying a Cyber Security Platform that will maximize your investment for ...
Identifying a Cyber Security Platform that will maximize your investment for ...CompanySeceon
 
Security in the age of Artificial Intelligence
Security in the age of Artificial IntelligenceSecurity in the age of Artificial Intelligence
Security in the age of Artificial IntelligenceFaction XYZ
 
Applications Of Artificial Intelligence In Cyber Security
Applications Of Artificial Intelligence In Cyber SecurityApplications Of Artificial Intelligence In Cyber Security
Applications Of Artificial Intelligence In Cyber SecurityGina Brown
 
#ATAGTR2019 Presentation "Security testing using ML(Machine learning), AI(Art...
#ATAGTR2019 Presentation "Security testing using ML(Machine learning), AI(Art...#ATAGTR2019 Presentation "Security testing using ML(Machine learning), AI(Art...
#ATAGTR2019 Presentation "Security testing using ML(Machine learning), AI(Art...Agile Testing Alliance
 
Open Source Insight: AI for Open Source Management, IoT Time Bombs, Ready for...
Open Source Insight: AI for Open Source Management, IoT Time Bombs, Ready for...Open Source Insight: AI for Open Source Management, IoT Time Bombs, Ready for...
Open Source Insight: AI for Open Source Management, IoT Time Bombs, Ready for...Black Duck by Synopsys
 
Unlimited Attempts AllowedDetails Virtual Sniffing Social Engineering Conside...
Unlimited Attempts AllowedDetails Virtual Sniffing Social Engineering Conside...Unlimited Attempts AllowedDetails Virtual Sniffing Social Engineering Conside...
Unlimited Attempts AllowedDetails Virtual Sniffing Social Engineering Conside...stirlingvwriters
 
Every thing about Artificial Intelligence
Every thing about Artificial Intelligence Every thing about Artificial Intelligence
Every thing about Artificial Intelligence Vaibhav Mishra
 
Icit analysis-signature-based-malware-detection-is-dead
Icit analysis-signature-based-malware-detection-is-deadIcit analysis-signature-based-malware-detection-is-dead
Icit analysis-signature-based-malware-detection-is-deadRocco Magnotta
 
ARTIFICIAL INTELLIGENCE IN CYBER-SECURITY
ARTIFICIAL INTELLIGENCE IN CYBER-SECURITYARTIFICIAL INTELLIGENCE IN CYBER-SECURITY
ARTIFICIAL INTELLIGENCE IN CYBER-SECURITYvenkatvajradhar1
 
IRJET- Intervention of Artificial Intelligence in Cyber Security
IRJET- Intervention of Artificial Intelligence in Cyber SecurityIRJET- Intervention of Artificial Intelligence in Cyber Security
IRJET- Intervention of Artificial Intelligence in Cyber SecurityIRJET Journal
 
Cyber security with ai
Cyber security with aiCyber security with ai
Cyber security with aiBurhan Ahmed
 
Swot Analysis Of Risksense Inc. Essay
Swot Analysis Of Risksense Inc. EssaySwot Analysis Of Risksense Inc. Essay
Swot Analysis Of Risksense Inc. EssaySandy Simonsen
 
PCM Vision 2019 Breakout: IBM | Red Hat
PCM Vision 2019 Breakout: IBM | Red HatPCM Vision 2019 Breakout: IBM | Red Hat
PCM Vision 2019 Breakout: IBM | Red HatPCM
 
Software Piracy Protection
Software Piracy ProtectionSoftware Piracy Protection
Software Piracy Protectionijtsrd
 
OpenSouthCode '19 - Application Security Fundamentals [2019-May-25]
OpenSouthCode '19 - Application Security Fundamentals [2019-May-25]OpenSouthCode '19 - Application Security Fundamentals [2019-May-25]
OpenSouthCode '19 - Application Security Fundamentals [2019-May-25]AngelGomezRomero
 

Similar to [DSC Europe 23][AI:CSI] Dragan Pleskonjic - AI Impact on Cybersecurity and Privacy (20)

Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?
Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?
Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?
 
Artificial intelligence and machine learning: ultimate game changers
Artificial intelligence and machine learning: ultimate game changersArtificial intelligence and machine learning: ultimate game changers
Artificial intelligence and machine learning: ultimate game changers
 
How is ai important to the future of cyber security
How is ai important to the future of cyber security How is ai important to the future of cyber security
How is ai important to the future of cyber security
 
State of AI Report 2023 - Air Street Capital
State of AI Report 2023 - Air Street CapitalState of AI Report 2023 - Air Street Capital
State of AI Report 2023 - Air Street Capital
 
Identifying a Cyber Security Platform that will maximize your investment for ...
Identifying a Cyber Security Platform that will maximize your investment for ...Identifying a Cyber Security Platform that will maximize your investment for ...
Identifying a Cyber Security Platform that will maximize your investment for ...
 
Security in the age of Artificial Intelligence
Security in the age of Artificial IntelligenceSecurity in the age of Artificial Intelligence
Security in the age of Artificial Intelligence
 
Applications Of Artificial Intelligence In Cyber Security
Applications Of Artificial Intelligence In Cyber SecurityApplications Of Artificial Intelligence In Cyber Security
Applications Of Artificial Intelligence In Cyber Security
 
#ATAGTR2019 Presentation "Security testing using ML(Machine learning), AI(Art...
#ATAGTR2019 Presentation "Security testing using ML(Machine learning), AI(Art...#ATAGTR2019 Presentation "Security testing using ML(Machine learning), AI(Art...
#ATAGTR2019 Presentation "Security testing using ML(Machine learning), AI(Art...
 
Open Source Insight: AI for Open Source Management, IoT Time Bombs, Ready for...
Open Source Insight: AI for Open Source Management, IoT Time Bombs, Ready for...Open Source Insight: AI for Open Source Management, IoT Time Bombs, Ready for...
Open Source Insight: AI for Open Source Management, IoT Time Bombs, Ready for...
 
Unlimited Attempts AllowedDetails Virtual Sniffing Social Engineering Conside...
Unlimited Attempts AllowedDetails Virtual Sniffing Social Engineering Conside...Unlimited Attempts AllowedDetails Virtual Sniffing Social Engineering Conside...
Unlimited Attempts AllowedDetails Virtual Sniffing Social Engineering Conside...
 
Every thing about Artificial Intelligence
Every thing about Artificial Intelligence Every thing about Artificial Intelligence
Every thing about Artificial Intelligence
 
Icit analysis-signature-based-malware-detection-is-dead
Icit analysis-signature-based-malware-detection-is-deadIcit analysis-signature-based-malware-detection-is-dead
Icit analysis-signature-based-malware-detection-is-dead
 
ARTIFICIAL INTELLIGENCE IN CYBER-SECURITY
ARTIFICIAL INTELLIGENCE IN CYBER-SECURITYARTIFICIAL INTELLIGENCE IN CYBER-SECURITY
ARTIFICIAL INTELLIGENCE IN CYBER-SECURITY
 
IRJET- Intervention of Artificial Intelligence in Cyber Security
IRJET- Intervention of Artificial Intelligence in Cyber SecurityIRJET- Intervention of Artificial Intelligence in Cyber Security
IRJET- Intervention of Artificial Intelligence in Cyber Security
 
Cyber security with ai
Cyber security with aiCyber security with ai
Cyber security with ai
 
Cybersecurity Research.pptx
Cybersecurity Research.pptxCybersecurity Research.pptx
Cybersecurity Research.pptx
 
Swot Analysis Of Risksense Inc. Essay
Swot Analysis Of Risksense Inc. EssaySwot Analysis Of Risksense Inc. Essay
Swot Analysis Of Risksense Inc. Essay
 
PCM Vision 2019 Breakout: IBM | Red Hat
PCM Vision 2019 Breakout: IBM | Red HatPCM Vision 2019 Breakout: IBM | Red Hat
PCM Vision 2019 Breakout: IBM | Red Hat
 
Software Piracy Protection
Software Piracy ProtectionSoftware Piracy Protection
Software Piracy Protection
 
OpenSouthCode '19 - Application Security Fundamentals [2019-May-25]
OpenSouthCode '19 - Application Security Fundamentals [2019-May-25]OpenSouthCode '19 - Application Security Fundamentals [2019-May-25]
OpenSouthCode '19 - Application Security Fundamentals [2019-May-25]
 

More from DataScienceConferenc1

[DSC Europe 23] Luciano Catani - AI in Diplomacy.PDF
[DSC Europe 23] Luciano Catani - AI in Diplomacy.PDF[DSC Europe 23] Luciano Catani - AI in Diplomacy.PDF
[DSC Europe 23] Luciano Catani - AI in Diplomacy.PDFDataScienceConferenc1
 
[DSC Europe 23] Irena Cerovic - AI in International Development.pdf
[DSC Europe 23] Irena Cerovic - AI in International Development.pdf[DSC Europe 23] Irena Cerovic - AI in International Development.pdf
[DSC Europe 23] Irena Cerovic - AI in International Development.pdfDataScienceConferenc1
 
[DSC Europe 23] Ilija Duni - How Foursquare Builds Meaningful Bridges Between...
[DSC Europe 23] Ilija Duni - How Foursquare Builds Meaningful Bridges Between...[DSC Europe 23] Ilija Duni - How Foursquare Builds Meaningful Bridges Between...
[DSC Europe 23] Ilija Duni - How Foursquare Builds Meaningful Bridges Between...DataScienceConferenc1
 
[DSC Europe 23] Branka Panic - Peace in the age of artificial intelligence.pptx
[DSC Europe 23] Branka Panic - Peace in the age of artificial intelligence.pptx[DSC Europe 23] Branka Panic - Peace in the age of artificial intelligence.pptx
[DSC Europe 23] Branka Panic - Peace in the age of artificial intelligence.pptxDataScienceConferenc1
 
[DSC Europe 23][DigiHealth] Goran Dumic - Data-Driven Approach In Treatments
[DSC Europe 23][DigiHealth]  Goran Dumic -  Data-Driven Approach In Treatments[DSC Europe 23][DigiHealth]  Goran Dumic -  Data-Driven Approach In Treatments
[DSC Europe 23][DigiHealth] Goran Dumic - Data-Driven Approach In TreatmentsDataScienceConferenc1
 
[DSC Europe 23][DigiHealth] Milos Todorovic - Bridging the Gap-Innovating Ag...
[DSC Europe 23][DigiHealth]  Milos Todorovic - Bridging the Gap-Innovating Ag...[DSC Europe 23][DigiHealth]  Milos Todorovic - Bridging the Gap-Innovating Ag...
[DSC Europe 23][DigiHealth] Milos Todorovic - Bridging the Gap-Innovating Ag...DataScienceConferenc1
 
[DSC Europe 23][DigiHealth] Urosh VIlimanovich Clinical Data Management and C...
[DSC Europe 23][DigiHealth] Urosh VIlimanovich Clinical Data Management and C...[DSC Europe 23][DigiHealth] Urosh VIlimanovich Clinical Data Management and C...
[DSC Europe 23][DigiHealth] Urosh VIlimanovich Clinical Data Management and C...DataScienceConferenc1
 
[DSC Europe 23][DigiHealth] Vladimir Brusic - SMART HEALTH HOME: Technology,...
[DSC Europe 23][DigiHealth]  Vladimir Brusic - SMART HEALTH HOME: Technology,...[DSC Europe 23][DigiHealth]  Vladimir Brusic - SMART HEALTH HOME: Technology,...
[DSC Europe 23][DigiHealth] Vladimir Brusic - SMART HEALTH HOME: Technology,...DataScienceConferenc1
 
[DSC Europe 23][DigiHealth] Dimitar Penkov Grid Search Optimization of Novel...
[DSC Europe 23][DigiHealth]  Dimitar Penkov Grid Search Optimization of Novel...[DSC Europe 23][DigiHealth]  Dimitar Penkov Grid Search Optimization of Novel...
[DSC Europe 23][DigiHealth] Dimitar Penkov Grid Search Optimization of Novel...DataScienceConferenc1
 
[DSC Europe 23][DigiHealth] Tomislav Krizan - AIMED
[DSC Europe 23][DigiHealth] Tomislav Krizan - AIMED[DSC Europe 23][DigiHealth] Tomislav Krizan - AIMED
[DSC Europe 23][DigiHealth] Tomislav Krizan - AIMEDDataScienceConferenc1
 
[DSC Europe 23][DigiHealth] Djordje Hirs - Computer Vision in Melanoma Diagno...
[DSC Europe 23][DigiHealth] Djordje Hirs - Computer Vision in Melanoma Diagno...[DSC Europe 23][DigiHealth] Djordje Hirs - Computer Vision in Melanoma Diagno...
[DSC Europe 23][DigiHealth] Djordje Hirs - Computer Vision in Melanoma Diagno...DataScienceConferenc1
 
[DSC Europe 23][DigiHealth] Katarina Vucicevic - Navigating theKinetics of Dr...
[DSC Europe 23][DigiHealth] Katarina Vucicevic - Navigating theKinetics of Dr...[DSC Europe 23][DigiHealth] Katarina Vucicevic - Navigating theKinetics of Dr...
[DSC Europe 23][DigiHealth] Katarina Vucicevic - Navigating theKinetics of Dr...DataScienceConferenc1
 
[DSC Europe 23][DigiHealth] Anja Baresic 0- Croatian digital Healthcare ecosy...
[DSC Europe 23][DigiHealth] Anja Baresic 0- Croatian digital Healthcare ecosy...[DSC Europe 23][DigiHealth] Anja Baresic 0- Croatian digital Healthcare ecosy...
[DSC Europe 23][DigiHealth] Anja Baresic 0- Croatian digital Healthcare ecosy...DataScienceConferenc1
 
[DSC Europe 23][AI:CSI] Uros Arsenijevic Unlocking Cybersecurity with Seif
[DSC Europe 23][AI:CSI] Uros Arsenijevic Unlocking Cybersecurity with Seif[DSC Europe 23][AI:CSI] Uros Arsenijevic Unlocking Cybersecurity with Seif
[DSC Europe 23][AI:CSI] Uros Arsenijevic Unlocking Cybersecurity with SeifDataScienceConferenc1
 
[DSC Europe 23][AI:CSI] Goran Gvozden Improving Cybersecurity Posture with an...
[DSC Europe 23][AI:CSI] Goran Gvozden Improving Cybersecurity Posture with an...[DSC Europe 23][AI:CSI] Goran Gvozden Improving Cybersecurity Posture with an...
[DSC Europe 23][AI:CSI] Goran Gvozden Improving Cybersecurity Posture with an...DataScienceConferenc1
 
[DSC Europe 23][AI:CSI] Aleksa Stojanovic - Applying AI for Threat Detection ...
[DSC Europe 23][AI:CSI] Aleksa Stojanovic - Applying AI for Threat Detection ...[DSC Europe 23][AI:CSI] Aleksa Stojanovic - Applying AI for Threat Detection ...
[DSC Europe 23][AI:CSI] Aleksa Stojanovic - Applying AI for Threat Detection ...DataScienceConferenc1
 
[DSC Europe 23][DigiHealth] Muthu Ramachandran AI and Blockchain Framework fo...
[DSC Europe 23][DigiHealth] Muthu Ramachandran AI and Blockchain Framework fo...[DSC Europe 23][DigiHealth] Muthu Ramachandran AI and Blockchain Framework fo...
[DSC Europe 23][DigiHealth] Muthu Ramachandran AI and Blockchain Framework fo...DataScienceConferenc1
 
[DSC Europe 23][DigiHealth] Ligia Kornowska-How_may AI help you
[DSC Europe 23][DigiHealth] Ligia Kornowska-How_may AI help you[DSC Europe 23][DigiHealth] Ligia Kornowska-How_may AI help you
[DSC Europe 23][DigiHealth] Ligia Kornowska-How_may AI help youDataScienceConferenc1
 
[DSC Europe 23][DigiHealth] Ilya Zakharov - NETWORK NEUROSCIENCE WHERE THE BR...
[DSC Europe 23][DigiHealth] Ilya Zakharov - NETWORK NEUROSCIENCE WHERE THE BR...[DSC Europe 23][DigiHealth] Ilya Zakharov - NETWORK NEUROSCIENCE WHERE THE BR...
[DSC Europe 23][DigiHealth] Ilya Zakharov - NETWORK NEUROSCIENCE WHERE THE BR...DataScienceConferenc1
 
[DSC Europe 23][DigiHealth] Vesna Pajic - Machine Learning Techniques for omi...
[DSC Europe 23][DigiHealth] Vesna Pajic - Machine Learning Techniques for omi...[DSC Europe 23][DigiHealth] Vesna Pajic - Machine Learning Techniques for omi...
[DSC Europe 23][DigiHealth] Vesna Pajic - Machine Learning Techniques for omi...DataScienceConferenc1
 

More from DataScienceConferenc1 (20)

[DSC Europe 23] Luciano Catani - AI in Diplomacy.PDF
[DSC Europe 23] Luciano Catani - AI in Diplomacy.PDF[DSC Europe 23] Luciano Catani - AI in Diplomacy.PDF
[DSC Europe 23] Luciano Catani - AI in Diplomacy.PDF
 
[DSC Europe 23] Irena Cerovic - AI in International Development.pdf
[DSC Europe 23] Irena Cerovic - AI in International Development.pdf[DSC Europe 23] Irena Cerovic - AI in International Development.pdf
[DSC Europe 23] Irena Cerovic - AI in International Development.pdf
 
[DSC Europe 23] Ilija Duni - How Foursquare Builds Meaningful Bridges Between...
[DSC Europe 23] Ilija Duni - How Foursquare Builds Meaningful Bridges Between...[DSC Europe 23] Ilija Duni - How Foursquare Builds Meaningful Bridges Between...
[DSC Europe 23] Ilija Duni - How Foursquare Builds Meaningful Bridges Between...
 
[DSC Europe 23] Branka Panic - Peace in the age of artificial intelligence.pptx
[DSC Europe 23] Branka Panic - Peace in the age of artificial intelligence.pptx[DSC Europe 23] Branka Panic - Peace in the age of artificial intelligence.pptx
[DSC Europe 23] Branka Panic - Peace in the age of artificial intelligence.pptx
 
[DSC Europe 23][DigiHealth] Goran Dumic - Data-Driven Approach In Treatments
[DSC Europe 23][DigiHealth]  Goran Dumic -  Data-Driven Approach In Treatments[DSC Europe 23][DigiHealth]  Goran Dumic -  Data-Driven Approach In Treatments
[DSC Europe 23][DigiHealth] Goran Dumic - Data-Driven Approach In Treatments
 
[DSC Europe 23][DigiHealth] Milos Todorovic - Bridging the Gap-Innovating Ag...
[DSC Europe 23][DigiHealth]  Milos Todorovic - Bridging the Gap-Innovating Ag...[DSC Europe 23][DigiHealth]  Milos Todorovic - Bridging the Gap-Innovating Ag...
[DSC Europe 23][DigiHealth] Milos Todorovic - Bridging the Gap-Innovating Ag...
 
[DSC Europe 23][DigiHealth] Urosh VIlimanovich Clinical Data Management and C...
[DSC Europe 23][DigiHealth] Urosh VIlimanovich Clinical Data Management and C...[DSC Europe 23][DigiHealth] Urosh VIlimanovich Clinical Data Management and C...
[DSC Europe 23][DigiHealth] Urosh VIlimanovich Clinical Data Management and C...
 
[DSC Europe 23][DigiHealth] Vladimir Brusic - SMART HEALTH HOME: Technology,...
[DSC Europe 23][DigiHealth]  Vladimir Brusic - SMART HEALTH HOME: Technology,...[DSC Europe 23][DigiHealth]  Vladimir Brusic - SMART HEALTH HOME: Technology,...
[DSC Europe 23][DigiHealth] Vladimir Brusic - SMART HEALTH HOME: Technology,...
 
[DSC Europe 23][DigiHealth] Dimitar Penkov Grid Search Optimization of Novel...
[DSC Europe 23][DigiHealth]  Dimitar Penkov Grid Search Optimization of Novel...[DSC Europe 23][DigiHealth]  Dimitar Penkov Grid Search Optimization of Novel...
[DSC Europe 23][DigiHealth] Dimitar Penkov Grid Search Optimization of Novel...
 
[DSC Europe 23][DigiHealth] Tomislav Krizan - AIMED
[DSC Europe 23][DigiHealth] Tomislav Krizan - AIMED[DSC Europe 23][DigiHealth] Tomislav Krizan - AIMED
[DSC Europe 23][DigiHealth] Tomislav Krizan - AIMED
 
[DSC Europe 23][DigiHealth] Djordje Hirs - Computer Vision in Melanoma Diagno...
[DSC Europe 23][DigiHealth] Djordje Hirs - Computer Vision in Melanoma Diagno...[DSC Europe 23][DigiHealth] Djordje Hirs - Computer Vision in Melanoma Diagno...
[DSC Europe 23][DigiHealth] Djordje Hirs - Computer Vision in Melanoma Diagno...
 
[DSC Europe 23][DigiHealth] Katarina Vucicevic - Navigating theKinetics of Dr...
[DSC Europe 23][DigiHealth] Katarina Vucicevic - Navigating theKinetics of Dr...[DSC Europe 23][DigiHealth] Katarina Vucicevic - Navigating theKinetics of Dr...
[DSC Europe 23][DigiHealth] Katarina Vucicevic - Navigating theKinetics of Dr...
 
[DSC Europe 23][DigiHealth] Anja Baresic 0- Croatian digital Healthcare ecosy...
[DSC Europe 23][DigiHealth] Anja Baresic 0- Croatian digital Healthcare ecosy...[DSC Europe 23][DigiHealth] Anja Baresic 0- Croatian digital Healthcare ecosy...
[DSC Europe 23][DigiHealth] Anja Baresic 0- Croatian digital Healthcare ecosy...
 
[DSC Europe 23][AI:CSI] Uros Arsenijevic Unlocking Cybersecurity with Seif
[DSC Europe 23][AI:CSI] Uros Arsenijevic Unlocking Cybersecurity with Seif[DSC Europe 23][AI:CSI] Uros Arsenijevic Unlocking Cybersecurity with Seif
[DSC Europe 23][AI:CSI] Uros Arsenijevic Unlocking Cybersecurity with Seif
 
[DSC Europe 23][AI:CSI] Goran Gvozden Improving Cybersecurity Posture with an...
[DSC Europe 23][AI:CSI] Goran Gvozden Improving Cybersecurity Posture with an...[DSC Europe 23][AI:CSI] Goran Gvozden Improving Cybersecurity Posture with an...
[DSC Europe 23][AI:CSI] Goran Gvozden Improving Cybersecurity Posture with an...
 
[DSC Europe 23][AI:CSI] Aleksa Stojanovic - Applying AI for Threat Detection ...
[DSC Europe 23][AI:CSI] Aleksa Stojanovic - Applying AI for Threat Detection ...[DSC Europe 23][AI:CSI] Aleksa Stojanovic - Applying AI for Threat Detection ...
[DSC Europe 23][AI:CSI] Aleksa Stojanovic - Applying AI for Threat Detection ...
 
[DSC Europe 23][DigiHealth] Muthu Ramachandran AI and Blockchain Framework fo...
[DSC Europe 23][DigiHealth] Muthu Ramachandran AI and Blockchain Framework fo...[DSC Europe 23][DigiHealth] Muthu Ramachandran AI and Blockchain Framework fo...
[DSC Europe 23][DigiHealth] Muthu Ramachandran AI and Blockchain Framework fo...
 
[DSC Europe 23][DigiHealth] Ligia Kornowska-How_may AI help you
[DSC Europe 23][DigiHealth] Ligia Kornowska-How_may AI help you[DSC Europe 23][DigiHealth] Ligia Kornowska-How_may AI help you
[DSC Europe 23][DigiHealth] Ligia Kornowska-How_may AI help you
 
[DSC Europe 23][DigiHealth] Ilya Zakharov - NETWORK NEUROSCIENCE WHERE THE BR...
[DSC Europe 23][DigiHealth] Ilya Zakharov - NETWORK NEUROSCIENCE WHERE THE BR...[DSC Europe 23][DigiHealth] Ilya Zakharov - NETWORK NEUROSCIENCE WHERE THE BR...
[DSC Europe 23][DigiHealth] Ilya Zakharov - NETWORK NEUROSCIENCE WHERE THE BR...
 
[DSC Europe 23][DigiHealth] Vesna Pajic - Machine Learning Techniques for omi...
[DSC Europe 23][DigiHealth] Vesna Pajic - Machine Learning Techniques for omi...[DSC Europe 23][DigiHealth] Vesna Pajic - Machine Learning Techniques for omi...
[DSC Europe 23][DigiHealth] Vesna Pajic - Machine Learning Techniques for omi...
 

Recently uploaded

EXCEL-VLOOKUP-AND-HLOOKUP LECTURE NOTES ALL EXCEL VLOOKUP NOTES PDF
EXCEL-VLOOKUP-AND-HLOOKUP LECTURE NOTES ALL EXCEL VLOOKUP NOTES PDFEXCEL-VLOOKUP-AND-HLOOKUP LECTURE NOTES ALL EXCEL VLOOKUP NOTES PDF
EXCEL-VLOOKUP-AND-HLOOKUP LECTURE NOTES ALL EXCEL VLOOKUP NOTES PDFProject Cubicle
 
Tips to Align with Your Salesforce Data Goals
Tips to Align with Your Salesforce Data GoalsTips to Align with Your Salesforce Data Goals
Tips to Align with Your Salesforce Data GoalsDataArchiva
 
Cousera Cap Course Datasets containing datasets from a Fictional Fitness Trac...
Cousera Cap Course Datasets containing datasets from a Fictional Fitness Trac...Cousera Cap Course Datasets containing datasets from a Fictional Fitness Trac...
Cousera Cap Course Datasets containing datasets from a Fictional Fitness Trac...Samuel Chukwuma
 
A Gentle Introduction to Text Analysis :)
A Gentle Introduction to Text Analysis :)A Gentle Introduction to Text Analysis :)
A Gentle Introduction to Text Analysis :)UNCResearchHub
 
Artificial Intelligence for Vision: A walkthrough of recent breakthroughs
Artificial Intelligence for Vision:  A walkthrough of recent breakthroughsArtificial Intelligence for Vision:  A walkthrough of recent breakthroughs
Artificial Intelligence for Vision: A walkthrough of recent breakthroughsNikolas Markou
 
itc limited word file.pdf...............
itc limited word file.pdf...............itc limited word file.pdf...............
itc limited word file.pdf...............mahetamanav24
 
What you need to know about Generative AI and Data Management?
What you need to know about Generative AI and Data Management?What you need to know about Generative AI and Data Management?
What you need to know about Generative AI and Data Management?Denodo
 
Operations Data On Mobile - inSis Mobile App - Sample Screens
Operations Data On Mobile - inSis Mobile App - Sample ScreensOperations Data On Mobile - inSis Mobile App - Sample Screens
Operations Data On Mobile - inSis Mobile App - Sample ScreensKondapi V Siva Rama Brahmam
 
Ratio analysis, Formulas, Advantage PPt.pptx
Ratio analysis, Formulas, Advantage PPt.pptxRatio analysis, Formulas, Advantage PPt.pptx
Ratio analysis, Formulas, Advantage PPt.pptxSugumarVenkai
 
fundamentals of digital imaging - POONAM.pptx
fundamentals of digital imaging - POONAM.pptxfundamentals of digital imaging - POONAM.pptx
fundamentals of digital imaging - POONAM.pptxPoonamRijal
 
Introduction to data science.pdf-Definition,types and application of Data Sci...
Introduction to data science.pdf-Definition,types and application of Data Sci...Introduction to data science.pdf-Definition,types and application of Data Sci...
Introduction to data science.pdf-Definition,types and application of Data Sci...DrSumathyV
 
Choose your perfect jacket.pdf
Choose your perfect jacket.pdfChoose your perfect jacket.pdf
Choose your perfect jacket.pdfAlexia Trejo
 
Unlocking New Insights Into the World of European Soccer Through the European...
Unlocking New Insights Into the World of European Soccer Through the European...Unlocking New Insights Into the World of European Soccer Through the European...
Unlocking New Insights Into the World of European Soccer Through the European...ThinkInnovation
 
Customer Satisfaction Data - Multiple Linear Regression Model.pdf
Customer Satisfaction Data -  Multiple Linear Regression Model.pdfCustomer Satisfaction Data -  Multiple Linear Regression Model.pdf
Customer Satisfaction Data - Multiple Linear Regression Model.pdfruwanp2000
 
Basics of Creating Graphs / Charts using Microsoft Excel
Basics of Creating Graphs / Charts using Microsoft ExcelBasics of Creating Graphs / Charts using Microsoft Excel
Basics of Creating Graphs / Charts using Microsoft ExcelTope Osanyintuyi
 
ISO 27701:2022 Data Privacy New Version Presentation
ISO 27701:2022 Data Privacy New Version PresentationISO 27701:2022 Data Privacy New Version Presentation
ISO 27701:2022 Data Privacy New Version Presentationyogaallworks
 

Recently uploaded (17)

EXCEL-VLOOKUP-AND-HLOOKUP LECTURE NOTES ALL EXCEL VLOOKUP NOTES PDF
EXCEL-VLOOKUP-AND-HLOOKUP LECTURE NOTES ALL EXCEL VLOOKUP NOTES PDFEXCEL-VLOOKUP-AND-HLOOKUP LECTURE NOTES ALL EXCEL VLOOKUP NOTES PDF
EXCEL-VLOOKUP-AND-HLOOKUP LECTURE NOTES ALL EXCEL VLOOKUP NOTES PDF
 
Electricity Year 2023_updated_22022024.pptx
Electricity Year 2023_updated_22022024.pptxElectricity Year 2023_updated_22022024.pptx
Electricity Year 2023_updated_22022024.pptx
 
Tips to Align with Your Salesforce Data Goals
Tips to Align with Your Salesforce Data GoalsTips to Align with Your Salesforce Data Goals
Tips to Align with Your Salesforce Data Goals
 
Cousera Cap Course Datasets containing datasets from a Fictional Fitness Trac...
Cousera Cap Course Datasets containing datasets from a Fictional Fitness Trac...Cousera Cap Course Datasets containing datasets from a Fictional Fitness Trac...
Cousera Cap Course Datasets containing datasets from a Fictional Fitness Trac...
 
A Gentle Introduction to Text Analysis :)
A Gentle Introduction to Text Analysis :)A Gentle Introduction to Text Analysis :)
A Gentle Introduction to Text Analysis :)
 
Artificial Intelligence for Vision: A walkthrough of recent breakthroughs
Artificial Intelligence for Vision:  A walkthrough of recent breakthroughsArtificial Intelligence for Vision:  A walkthrough of recent breakthroughs
Artificial Intelligence for Vision: A walkthrough of recent breakthroughs
 
itc limited word file.pdf...............
itc limited word file.pdf...............itc limited word file.pdf...............
itc limited word file.pdf...............
 
What you need to know about Generative AI and Data Management?
What you need to know about Generative AI and Data Management?What you need to know about Generative AI and Data Management?
What you need to know about Generative AI and Data Management?
 
Operations Data On Mobile - inSis Mobile App - Sample Screens
Operations Data On Mobile - inSis Mobile App - Sample ScreensOperations Data On Mobile - inSis Mobile App - Sample Screens
Operations Data On Mobile - inSis Mobile App - Sample Screens
 
Ratio analysis, Formulas, Advantage PPt.pptx
Ratio analysis, Formulas, Advantage PPt.pptxRatio analysis, Formulas, Advantage PPt.pptx
Ratio analysis, Formulas, Advantage PPt.pptx
 
fundamentals of digital imaging - POONAM.pptx
fundamentals of digital imaging - POONAM.pptxfundamentals of digital imaging - POONAM.pptx
fundamentals of digital imaging - POONAM.pptx
 
Introduction to data science.pdf-Definition,types and application of Data Sci...
Introduction to data science.pdf-Definition,types and application of Data Sci...Introduction to data science.pdf-Definition,types and application of Data Sci...
Introduction to data science.pdf-Definition,types and application of Data Sci...
 
Choose your perfect jacket.pdf
Choose your perfect jacket.pdfChoose your perfect jacket.pdf
Choose your perfect jacket.pdf
 
Unlocking New Insights Into the World of European Soccer Through the European...
Unlocking New Insights Into the World of European Soccer Through the European...Unlocking New Insights Into the World of European Soccer Through the European...
Unlocking New Insights Into the World of European Soccer Through the European...
 
Customer Satisfaction Data - Multiple Linear Regression Model.pdf
Customer Satisfaction Data -  Multiple Linear Regression Model.pdfCustomer Satisfaction Data -  Multiple Linear Regression Model.pdf
Customer Satisfaction Data - Multiple Linear Regression Model.pdf
 
Basics of Creating Graphs / Charts using Microsoft Excel
Basics of Creating Graphs / Charts using Microsoft ExcelBasics of Creating Graphs / Charts using Microsoft Excel
Basics of Creating Graphs / Charts using Microsoft Excel
 
ISO 27701:2022 Data Privacy New Version Presentation
ISO 27701:2022 Data Privacy New Version PresentationISO 27701:2022 Data Privacy New Version Presentation
ISO 27701:2022 Data Privacy New Version Presentation
 

[DSC Europe 23][AI:CSI] Dragan Pleskonjic - AI Impact on Cybersecurity and Privacy

  • 1. Copyright © 2023 Dragan Pleskonjic. All rights reserved. AI Impact on Cybersecurity and Privacy ∑∏ vSOC Copyright © 2023 Dragan Pleskonjic. All rights reserved. Visit inpresec.com | glog.ai | securitypredictions.xyz to learn more
  • 2. Copyright © 2023 Dragan Pleskonjic. All rights reserved. Dragan Pleskonjić Senior Director Application Security at global international company Rich experience in creating and managing start-ups, new businesses development Leading management positions in multinational corporations Expertise in information security, computer software and networks Prolific academic career: Adjunct Professorship, author of books, scientific papers and journal articles Scientific and security leader, researcher, advisor, architect Inventor with U.S. patents granted and several patent applications pending (USPTO, CIPO, EPO, WIPO) Entrepreneur, leader, motivator, visionary Current focus: Initiator and founder of projects INPRESEC, Glog.AI, Security Predictions and vSOC Personal Website | LinkedIn | Twitter https://www.dragan-pleskonjic.com/
  • 3. Copyright © 2023 Dragan Pleskonjic. All rights reserved. Vladimir Jelić Senior Manager Application Security at global international company In his current role, he participates in application security efforts on a global organization level. His work includes Software Security Assurance (SSA), Static Code Analysis (SCA), work with Static Application Security Testing (SAST) and Software Composition Analysis (SCA) tools, automation of processes, and overall collaboration with software development life cycle (SDLC) participants. He is focused on cyber security and software security solutions aided by machine learning and artificial intelligence. Prior current role, Vladimir has ten years of experience in software development roles.
  • 4. Copyright © 2023 Dragan Pleskonjic. All rights reserved. From Cybersecurity to Cyber Resilience Cyber risk isn’t just a technical problem, it’s also a financial problem! Source: https://partners.wsj.com/resilience/cyber -strong/from-cybersecurity-to-cyber- resilience/
  • 5. Copyright © 2023 Dragan Pleskonjic. All rights reserved.
  • 6. Copyright © 2023 Dragan Pleskonjic. All rights reserved. Agenda What is AI & current state How AI can be misused for cybersecurity attacks Use AI to defend information systems and networks Future concerns and opportunities Examples of cybersecurity solutions aided by ML & AI
  • 7. Copyright © 2023 Dragan Pleskonjic. All rights reserved. What is AI? Definition Artificial intelligence AI (also machine intelligence, MI) is intelligence displayed by machines, in contrast with the natural intelligence (NI) displayed by humans and other animals. In computer science, AI research is defined as the study of “intelligent agents”: any device that perceives its environment and takes actions that maximize its chance of success at some goal. Colloquially, the term “artificial intelligence” is applied when a machine mimics “cognitive” functions that humans associate with human minds, such as “learning” and “problem solving.” Strong AI ― Claim that computers can be made in a way to “think” as humans. To be more precise, it is a claim that there is a class of computer programs which, when implemented, make computers mimic human thinking. Weak AI ― Claim that computers are important tools in modelling simulations of human behavior.
  • 8. Copyright © 2023 Dragan Pleskonjic. All rights reserved. Self driving cars, smart cars, other vehicles, flying objects Speech and image recognition and analysis Cybersecurity and software security Medical diagnosis, pharmacy Virtual personal assistants Recommendation services: shopping, movies, music, books, etc. Purchase and market prediction, advertising News generators (e.g., fake news and deep fakes) Military uses Recent examples of AI in use
  • 9. Copyright © 2023 Dragan Pleskonjic. All rights reserved. Current state of AI • OpenAI - “OpenAI is an AI research and deployment company. Our mission is to ensure that artificial general intelligence benefits all of humanity.” • OpenAI Codex - “We’ve created an improved version of OpenAI Codex, our AI system that translates natural language to code, and we are releasing it through our API in private beta starting today.” • GitHub Copilot uses the OpenAI Codex to suggest code and entire functions in real-time, right from your editor. • ChatGPT is an artificial-intelligence (AI) chatbot developed by OpenAI and launched in November 2022. It is built on top of OpenAI's GPT-3.5 and GPT-4 families of large language models (LLMs) and has been fine-tuned (an approach to transfer learning) using both supervised and reinforcement learning techniques. Interesting fact: Research shows that Copilot is introducing as many security vulnerabilities as humans do! Need for security testing will stay or even need to be extended. Security and Privacy concerns: • Datasets and models poisoning • AI and ML models attacks • Leaking personal and confidential data • Intellectual property leaks • Right of use data for training • Ownership products created by AI
  • 10. Copyright © 2023 Dragan Pleskonjic. All rights reserved. Cybersecurity and AI: Different perspectives Defenders have also started to use it Attackers already use AI This battle started and will last for long time Who has advantage?
  • 11. Copyright © 2023 Dragan Pleskonjic. All rights reserved. Current Uses of AI in Cybercrime Hackers are turning to AI and using it to weaponize malware and attacks to counter the advancements made in cybersecurity solutions (e.g., criminals use AI to conceal malicious code in benign applications). • Sophisticated phishing • Criminals are using AI to crack passwords faster • Breaking CAPTCHA • Data poisoning • Manipulating bots • Code which changes itself to hide from antimalware tools and cover tracks • Learning defensive techniques and technologies • Deepfakes: images, audio, video • Leaking sensitive data and intellectual property Data theft Malware development Phishing emails Impersonation Spam Deepfakes Ransomware Misinformation BEC (Business Email Compromise) Manipulating Bots
  • 12. Copyright © 2023 Dragan Pleskonjic. All rights reserved. Create any Deepfake with Hoodem™, the unlimited deepfake creator You can create something illustrative and educational But make sure to think about ethic!
  • 13. Copyright © 2023 Dragan Pleskonjic. All rights reserved. AI Powered Cyber Attack Tools BlackMamba: Using AI to Generate Polymorphic Malware DeepLocker: How AI Can Power a Stealthy New Breed of Malware WormGPT – The Generative AI Tool
  • 14. Copyright © 2023 Dragan Pleskonjic. All rights reserved. Backdoor Attacks against Black-box Machine Learning Models • Backdoor attacks aim to inject backdoors to victim machine learning models during training time, such that the backdoored model maintains the prediction power of the original model towards clean inputs and misbehaves towards backdoored inputs with the trigger. • The reason for backdoor attacks is that resource- limited users usually download sophisticated models from model zoos or query the models from MLaaS rather than training a model from scratch, thus a malicious third party has a chance to provide a backdoored model. • In general, the more precious the model provided (i.e., models trained on rare datasets), the more popular it is with users.
  • 15. Copyright © 2023 Dragan Pleskonjic. All rights reserved. Impact of AI in Cybercrime • Given the black market for cybercriminal tools and services, AI can be used to make operations more efficient and profitable. In identifying targets for attacks, cybercriminals can start and cease attacks with millions of transactions in just minutes, because of fully-automated attack infrastructure. • Can AI be hacked? The hacking of artificial intelligence is an emerging security crisis. Pre-empting criminals attempting to hijack artificial intelligence by tampering with datasets or the physical environment, researchers have turned to adversarial machine learning. • Will AI take over cyber security? The answer is probably no; however, AI will drastically change the kinds of work cyber engineers are doing. While AI may be great for processing large amounts of data or replacing autonomous manual tasks, it will never be able to replace a security analyst's insights or understanding of the field.
  • 16. Copyright © 2023 Dragan Pleskonjic. All rights reserved. Fighting Cybercrime with AI AI weaponization countermeasures needed now Risk management needs to take in consideration of these threats Security processes and tools to include means of detecting and protecting from AI based attacks Stringiest standards and regulations against attackers AI weaponization is going beyond computer systems as the main pathway for attacks
  • 17. Copyright © 2023 Dragan Pleskonjic. All rights reserved. Future concerns New malware strains would be able to learn from detection events. If a strain of malware was able to determine what caused its detection, the same behavior or characteristic could be avoided the next time around. More sophisticated social engineering attacks People with even basic skills can use AI cyberweapons to launch attacks – bigger population of attackers. Proliferation of AI based cyberweapons on Internet if regulations lag behind.
  • 18. Copyright © 2023 Dragan Pleskonjic. All rights reserved. Challenge “Security debt” starts here T I M E Tens of millions of security interesting events monthly Humans hardly can cope with all of them Breaches cost lot of $$$$$$$ False positives Alarms noise triage How to remediate / fix issues? Cybercrime to cost the world $10.5 trillion annually by 2025 Copyright © 2023 Dragan Pleskonjic. All rights reserved.
  • 19. Copyright © 2023 Dragan Pleskonjic. All rights reserved. Cybersecurity Solutions aided by ML & AI ∑∏ vSOC Copyright © 2023 Dragan Pleskonjic. All rights reserved. INPRESEC (Intelligent Predictive Security) – Network and end-point security. Detect anomalies in behavior, security threats and attacks. Security Predictions - Uses various parameters and input data from set of internal and external sources, it analyses them and, through set of our proprietary algorithms, gives probabilities of possible threats and attacks. Glog – making software more secure. A solution that is able to give remediation advice based on context or, even more, to automatically fix the security vulnerabilities in software code. vSOC (Virtual Security Operations Center) - Uses INPRESEC and Glog solutions, together with Security Predictions and other tools for building and operating virtual Security Operations Center – vSOC.
  • 20. Copyright © 2023 Dragan Pleskonjic. All rights reserved. Key INPRESEC Solution Elements INPRESEC SENSOR • Software, can be appliance analyses network traffic & possible security violations, classification based on Machine Learning (ML) - network-based system INPRESEC AGENT • Software installed on a computer (server, desktop, laptop), mobile device (smart phone, tablet etc.) or network devices (routers, firewalls, etc.), classification based on ML – host- based system INPRESEC SERVER • Software - integrates functions of sensors & agents • Collects data from Sensors & Agents, analysis, classifying, learning & correlation and actions, based on ML • Can be linked to SOC / CERT centers or to other security elements (AV, DLP, SIEM,...) INPRESEC ADMIN • Dashboard, Configuration Console, Management, Monitoring & Reporting Tools. • Sends alerts or other info through various communication means INPRESEC TRAINER • Software – training system based on ML • Takes annotated vectors from datasets and creates new ML based models, constantly improving detection accuracy and ROC INPRESEC PREDICTION MODULE • Software – data feed with probabilities of security events in future • Prediction based on various data sources, Threat Intelligence (TI), predictive analytics and ML – This is part of Security Predictions as separate solution.
  • 21. Copyright © 2023 Dragan Pleskonjic. All rights reserved. Concepts and Deployment Classification of events allowed/not allowed • Action based on the result of classification Deployment: Security as a Service – Cloud based  Security as an cloud hosted and managed service Product model – on premises  Hosted by client Security analyst in the loop • Learn from security experts vSOC
  • 22. Copyright © 2023 Dragan Pleskonjic. All rights reserved. Solution Components - Sensor vSOC
  • 23. Copyright © 2023 Dragan Pleskonjic. All rights reserved. Network and End-Point Security Computers with Agents Sensor 1 Firewall & Router ML & AI Local Server Admi n Sensor 2 Devices with Agents ML & AI Cloud Server ML & AI Trainer
  • 24. Copyright © 2023 Dragan Pleskonjic. All rights reserved. Virtual Security Operations Center (vSOC) vSOC (Virtual Security Operations Center) - Uses INPRESEC and Glog solutions, together with Security Predictions and other tools for building and operating virtual Security Operations Center – vSOC. vSOC Detect Analyze Mitigate People, processes, technology
  • 25. Copyright © 2023 Dragan Pleskonjic. All rights reserved. Threat Intelligence and Security Predictions ML and AI can help with: Processing huge amounts of data and finding real threats. Use of various parameters and input data from set of internal and external sources, it analyses them and, through set of proprietary algorithms, gives probabilities of possible threats and attacks. Some of inputs: Finding needle in haystack. vSOC ∑∏
  • 26. Copyright © 2023 Dragan Pleskonjic. All rights reserved. What is added value? 1  3  4  2  Predicts, prevents & detects security threats and attacks before they affect live systems. Continual improvement process. Demonstrable accuracy better than 99% after set of learning cycles. Minimizes work of security teams, while improving accuracy, reaction time and security solutions performance Saves significant amount of money, time and efforts for companies and organizations. vSOC
  • 27. Copyright © 2023 Dragan Pleskonjic. All rights reserved. Software Security Application Security Testing SAST SCA IAST DAST VA PT RASP
  • 28. Copyright © 2023 Dragan Pleskonjic. All rights reserved. Developers lose too much time and may not be sufficiently skilled to analyze findings Large number of findings, some of them false positives Sometimes SAST reports don’t detect right process and data flows, entry points, sources and sinks of issues and also security controls in code which are already in place Unclear or incomplete remediation advice offerred Time and resources to fix issues extensive, time consuming and unpredictable Remediation Challenges
  • 29. Copyright © 2023 Dragan Pleskonjic. All rights reserved. Solution: Auto- Remediation Imagine a solution that is able to: • triage issues • flag false positives • give remediation advice based on context for real security vulnerabilities • automatically fix the security vulnerabilities Services Products Software Security as a Service (SSaaS), Cloud- based solution On premises solution Plug-ins for IDEs Add-on for build and CI/CD systems Per project Per number of findings Integrate security into Software Development Lifecycle (SDLC)
  • 30. Copyright © 2023 Dragan Pleskonjic. All rights reserved. Glog is integral part of DevSecOps • DevSecOps stands for development, security, and operations. • It's an approach to culture, automation, and platform design that integrates security as a shared responsibility throughout the entire IT lifecycle. • „Extend to left“ approach (SDLC)
  • 31. Copyright © 2023 Dragan Pleskonjic. All rights reserved. Software Security - Example Based on experience: 2 – 4 hours per finding Real life example: Classic approach: New approach aided by ML and AI: 1,000 findings x 2 = 2,000 hours => 12 man-months > 80% are false positives ML and AI can help with triage false positives, remediation advice or automatic remediation 13.7 man-years 4 man-days
  • 32. Copyright © 2023 Dragan Pleskonjic. All rights reserved. Advantages Significantly faster remediation Less prone to errors than [unexperienced] developers Resource savings (development time, money) Agility in process Faster delivery of products Automatic implementation of architectural and threat model security controls Enforce security best coding practices Glog.AI can give very precise remediation advice for security vulnerabilities in software code based on specific context. It is not about code only but involves analysis and implementation of architectural and threat model security controls, correlation with other application security processes and tools through entire SDLC (Software Development Lifecycle). #ExtendToLeft #Extend2Left.
  • 33. Copyright © 2023 Dragan Pleskonjic. All rights reserved. Effective Strategies to Help Fill the Cybersecurity Skills Gap […] Additionally, organizations must continue investing in automation despite tighter technology budgets. By leveraging tools that handle the more tedious backend work and provide detailed analysis and next steps, businesses can curb expensive human labor costs while ensuring security at scale. These tools also make it possible for teams to focus on more valuable work and projects, which contributes to talent retention. Today, countless hours are spent sifting through alerts to determine which are critical. By automating mundane tasks such as this, team members can spend more time on high-value projects, resulting in them feeling more fulfilled and less likely to leave. […] https://www.darkreading.com/endpoint/addressing-cybersecurity-talent- shortage-its-impact-on-cisos
  • 34. Copyright © 2023 Dragan Pleskonjic. All rights reserved. Books / Further reading
  • 35. Copyright © 2023 Dragan Pleskonjic. All rights reserved. INPRESEC & Glog.AI Demo
  • 36. Copyright © 2023 Dragan Pleskonjic. All rights reserved. Thank you Contact: dragan@conwex.org Copyright © 2023 Dragan Pleskonjic. All rights reserved. Visit • inpresec.com • glog.ai • securitypredictions.xyz to learn more ∑∏ vSOC