Merry Christmas🎄- From Recon to Defense: AI Tactics You Can’t Ignore
Jason Haddix’s BSides Orlando Talk on Red, Blue, and Purple Team AI Tactics - Practical AI Tools for Cybersecurity Pros
Hello Cyber Builders 🖖
In this family-oriented week, I wanted to stay short and not bother you with too much content. I thought a video would be entertaining for most of you.
You know - as I already mentioned - that hackers' conferences are pure gold. And Jason Haddix’s latest deep dive into AI at BSides Orlando is no exception. It’s not about the buzz or fluff: these are actionable insights into how AI can be used for red-team, blue-team, and purple-team engagements.
Throughout the presentation, Jason demonstrated how well-crafted system prompts can enhance the daily lives of security engineers and practitioners, making such prompts valuable assets in cybersecurity.
Generative AI can assist and accelerate Red Team and Blue Team operations.
The video walks you through various topics for Red Teams and Blue Teams.
Jason presented various innovative strategies to enhance offensive cybersecurity tactics. He emphasized the importance of understanding vulnerabilities and using GPT bots to accelerate penetration testing. He noted that leveraging existing knowledge of subdomains can significantly improve reconnaissance efforts.
Additionally, he highlighted using AI as a tool for generating phishing emails. Jason also explored automating application security reviews and creating diverse XSS (Cross-Site Scripting) patterns.
Haddix also covered using AI to generate an incident coordination checklist or an excellent tabletop scenario.
As we all know, AI is also good at generating code. It can effectively generate SIEM queries to hunt for threats in Graylog, the Elastic ELK stack, or Cisco Splunk.
But it does not stop at SIEM and log management: Generative AI can accelerate work with Suricata, YARA, osquery, and many other Detection Engineering tools. There is no need to spend weeks learning their complex signature languages when an AI can generate a good query or signature based on your intent (i.e., the prompt).
The Full Video - Enjoy
I want to take a moment to wish everyone a Merry Christmas! May this festive season bring you joy, peace, and time to reflect with loved ones. Thank you for being a part of our community, and I look forward to more exciting discussions in the new year!
Laurent 💚