Ian Campbell 🏴1d ago

Okay, okay. I need to devote some time to catching up on genAI capabilities in a professional sense.

Security Researchers & SecOps - what's your favorite use case so far?

Also, what's a lesson you learned the hard way?

***Also - please save the snark. I'm tired, and this is a genuine, if hesitant, ask.

#infosec

Show threadA wizard did it  🇨🇦1d ago

@neurovagrant alright I'll bite:

The only instance I've found AI useful: de-obfuscating obfuscated code. I use it for this because I don't know how to do it myself (because I'm bad and dumb)

A lesson I learned the hard way: Spending 3 hours trying to get a KQL query to work in Sentinel following instructions given to me by an AI, only to realize that the reason why it didn't work is because the primary table the AI gave me didn't exist, and had never existed.

Show thread🔥 this is fine
@Mustardfacial @neurovagrant i have used it to sketch up KQL when i dont know where to start. And it is ok ish at that, but only if i already dont know where to look for the data, spending three hours in sentinel with a generated KQL or there hours in MS learn to try to figure it out, it is a bit the same. Its not like MS learn is a single source of truth either, it is not very well maintained, and sentinel changes too fast for learn to keep up
Apr 2 at 6:27pmWeb