<ul><li>Artificial intelligence can automate and accelerate all phases of incident handling such as from detection to response. However, many applications are underperforming when it comes to cybersecurity.</li><li>The two long-tested techniques for AI cybersecurity are: attack detection and anomaly detection. Although they may assist in reducing human workload, neither approach is considered entirely reliable.</li><li>AI can be helpful in filtering FPs, alert prioritization, anomaly detection, and detecting suspicious behavior, but it is not a silver bullet to solve all detection problems, and it cannot work autonomously.</li><li>Large Language Models in cybersecurity LLMs for routine tasks, such as generating detailed cyberthreat descriptions and initial analysis of source code can be helpful.</li><li>Available research on the performance of skilled employees aided by LLMs shows mixed results. Therefore, these solutions should be implemented gradually upon an evaluation of the time investment and the quality of the result.</li></ul>

Which cybersecurity processes can be automated with AI? | Kaspersky official blog

Discover more