IT Brief Australia - Technology news for CIOs & IT decision-makers
Story image
Tenable unveils four prototype AI cybersecurity tools
Wed, 3rd May 2023

Exposure Management company Tenable has developed four new prototype AI cybersecurity tools to help firms combat a new generation of cyber threats and to create efficiencies in the cybersecurity research process. 

This includes areas such as reverse engineering, code debugging, web application security and gaining visibility into cloud-based tools. 

This development comes at a time when concerns are growing over the potential unintended consequences of unregulated AI, with more organisations demanding swift action to establish responsible and ethical AI practices. The Responsible AI Index report reveals a concerning trend, with only 24% of companies having measures in place to ensure their AI practices align with global best practices, despite 82% believing they are using AI responsibly. 

"The complexity of modern-day cyberattacks has opened up new avenues for generative AI to make a significant impact in cybersecurity research," says Ray Carney, Director, Security Response and Zero-Day Research, Tenable. 

"While we've only just scratched the surface of how AI can play a role in security research, Tenable has already leveraged new tools that can act as a force multiplier and reduce labour-intensive and complex work that can enhance productivity and enable us to identify vulnerabilities more swiftly and effectively. "

In response, Tenable has carefully embraced the technology and examined how it can be used to enhance both security and protection measures. The new tools outlined in an accompanying report by Tenable titled How Generative AI Is Changing Security Research will help the cybersecurity community identify vulnerabilities efficiently and at a faster pace. 

Reverse engineering: Tenable created G-3PO, a tool that automates part of the reverse engineering process helping engineers understand the code's functionality quickly and efficiently without reading every line.

Debugging code: Debugging code requires understanding intricate technical details across multiple areas. Tenable developed an AI assistant that works with GDB to make finding and fixing mistakes in code easier.

Improving web app security: Web applications provide a unique challenge for researchers due to the complexities of identifying vulnerabilities within them. To improve web application security, Tenable created an extension called BurpGPT that uses ChatGPT and Burp Suite to help researchers find and fix common web application vulnerabilities.

Increasing visibility into cloud-based tools. Organisations often overlook the issue of misconfigurations in identity and access management (IAM) when it comes to cloud security, even though it's one of the most common concerns. Since IAM policy misconfigurations are common, Tenable created a tool called EscalateGPT to identify issues in IAM policies and improve Tenable Cloud Security.