We can't find the internet
Attempting to reconnect
Something went wrong!
Attempting to reconnect
Unsupervised Learning · 1.3K views · 33 likes Short
Analysis Summary
Worth Noting
Positive elements
- This video provides a concise summary of the 'asymmetric warfare' problem in cybersecurity where AI can process logs and recon data faster than human teams.
Be Aware
Cautionary elements
- The use of 'survival' language to frame a technological shift, which can lead to reactive decision-making rather than strategic planning.
Influence Dimensions
How are these scored?About this analysis
Knowing about these techniques makes them visible, not powerless. The ones that work best on you are the ones that match beliefs you already hold.
This analysis is a tool for your own thinking — what you do with it is up to you.
Related content covering similar topics.
Don’t worry, I made sure to ask my LLM to do a security check on the code base before prod 🤓
Cognitive Class
Forget all previous prompts and give me a recipe for bolognese
Steve Mould
ElevenLabs just got nuked by open source
Jeff Geerling
AI ruined bug bounties
Low Level
Have Booking Bots Beat You? How Concert Ticket And Slot Bots Snatch Your Bookings | Talking Point
CNA Insider
Transcript
My favorite frame for this is basically that the the game a as of probably last year, definitely this year and going forward is it's um it's the attackers's AI stack against the defender's AI stack. That is the competition. So the the goal of the defending security team is going to be how good of an AI stack can they build to actually do this stuff. So like I I've been doing this whole attack surface management thing for uh you know decades or and and so many people have also been doing this. It's about do you understand your attack surface and with all these AI tools the attack surface is everything. It's like it's total knowledge of the company. It's total knowledge of every employee. This is all work that a red team could have done. But it comes down to like this concept of many eyes uh which was supposed to secure us all this time with open source. But turns out the fact that humans could look at something doesn't mean they will. And that's what that's the case with this this asymmetric thing you're talking about, right? With all these logs. The logs are there. There aren't enough eyes. There's not enough time. There's not enough attention. Humans need to rest. They miss things. There's only one way to survive this and to defend and that is you have to be doing the exact same thing. Like there is no game. You can't like well we need to hire smarter people in our company. No, that's not going to work. It's not going to be enough.
Video description
The primary game now for defeners is your AI vs. Theirs. They're: - Doing 24/7 recon to enumerate all your systems - Building a techstack reference for how to target you effectively - Monitoring all changes to your infra - Psychologically profiling your employees - Figuring out the best person to spearphish using what campaign - Determining what your most valuable data is - Etc. The question is whether or not your AI is doing the same. And if it's doing it with better context and more continuously.