Recursos
/
Quiver – Using Cutting Edge ML to Detect Command Lines for Hunters | Gal Braun and Dean Langsam
junio 26, 2023
Quiver – Using Cutting Edge ML to Detect Command Lines for Hunters | Gal Braun and Dean Langsam
What do GPT3, DALL-E2, and Copilot have in common? By grasping the structure and nature of language, these projects can generate text, images, and code that provide added value to a user. Now, they even understand command lines!
Quiver – QUick Verifier for Threat HuntER - is an application aimed at understanding command lines and performing tasks like Attribution, Classification, Anomaly Detection, and many others.
DALL-E2 is known to take an input prompt in human language and draw a stunning image with impressive matching results; GPT3 and similar projects can create an infinite amount of text seemingly written by a real person, while Github’s Copilot can generate entire functions from a comment string.
Command lines are a language in themselves and can be taught and learned the same way other languages can. And the application can be as versatile as we want. Imagine giving a command line to an input prompt and getting the probability of it being a reverse shell, by an Iranian actor, or maybe used for cybercrime. A single prompt on its own may not help so much, but with the power of language models algorithms, the threat hunter can have millions of answers in a matter of minutes, shedding a light on the most important or urgent activities within the network.
In this session, Dean and Gal demonstrate how they developed such a model, along with real-world examples of how the model is used in applications like anomaly detection, attribution, and classification.
Recursos relacionados
Resource
SentinelOne PartnerOne - America's 2025
⛳️ Last week in Pebble Beach the America's best cybersecurity partners came together for our annual PartnerOne summit. Check out…
View Asset
Resource
Just a Sec: Cybersecurity Unfiltered—Fast, Frank, and From the Front Lines
Welcome to the first-ever Just A Sec, a no-holds-barred, quick-fire monthly livestream. It’s cybersecurity like you’ve never heard it before—unfiltered,…
View Asset