Thursday, April 18, 2024

Which Is Better for 10 Common Infosec Tasks?


In late 2023, I wrote an article evaluating how well ChatGPT and Google Bard handle writing security policies. Given that ChatGPT 4.0 has been available as a paid version, known as ChatGPT Plus, for some time now, and Google recently rebranded Google Bard as Gemini, with Gemini Advanced available as a paid offering, it is a good time to compare how the two perform in a head-to-head of the top 10 use cases for information security (infosec) professionals.

Before we jump in, the usual generative artificial intelligence (AI) caveats apply: Be careful of the information you punch in and remember the output may not always be reliable.

1. Generating Diagrams or Concept Flows

Both tools claim to be able to generate diagrams and concept flows. However, Gemini admits it can only generate ASCII diagrams, pointing you to more professional tools if you want something better. I asked both tools to generate a diagram to explain the OAuth authentication flow.

Gemini, while represented in ASCII, does the job and breaks it down into usable categories.

ChatGPT hallucinates badly. At first glance, while the image looks professional, it doesn't represent OAuth at all. The wording is nonsensical, misspelled, or downright illegible: Authiration and Athoricazt anyone?


2. Explaining Architecture Diagrams

Both tools can ingest diagrams and explain what's going on. The results are much better than what happens when you ask them to generate diagrams. As input, I used an example web-application firewall (WAF) architecture from Edgenexus.

Google Gemini is much better at explaining architecture diagrams because it's succinct. ChatGPT will do the job just fine; it's just a tad wordy.

3. Interpreting Exploit Code

A common security operations (SecOps) activity is trying to figure out what a specific malware or exploit code does. I took a recent Elasticsearch stack overflow public exploit and fed it into each tool to see what it understood. There is no clear winner: Both tools identify the exploit correctly and explain the end result, what each portion of the code does, and how it works.

4. Interpreting Log Files

SecOps professionals often need to figure out what the heck is going on in log files. I fed both tools an example CEF format log file of an attempted breach and asked each to explain what's going on. Gemini explains it better, summarizing well and even suggesting follow-up steps. It also clearly states what happened (attempted access of /etc/passwd) right at the beginning and elaborates on how it came to that conclusion. While ChatGPT arrives at the same conclusion, it's way too verbose.
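To make the log-reading task concrete, here is an added example (not the log file or any code from the article) that parses CEF records and flags requests reaching for paths such as /etc/passwd, including nested URL encoding. The vendor and product names, field values and helper names are constructed for illustration.

```python
import re
from urllib.parse import unquote

HEADER = ("version", "vendor", "product", "device_version",
          "signature_id", "name", "severity")
EXT_PAIR = re.compile(r"(\w+)=(.*?)(?=\s+\w+=|\s*$)")
SUSPICIOUS = re.compile(r"\.\./|/etc/(passwd|shadow)")

# Constructed sample events, not the log file used in the article.
SAMPLE_LOG = [
    r"CEF:0|ExampleVendor|ExampleWAF|1.0|100|HTTP request|3|"
    r"src=203.0.113.7 requestMethod=GET request=/index.html outcome=200",
    r"CEF:0|ExampleVendor|ExampleWAF|1.0|200|HTTP request|5|"
    r"src=203.0.113.7 requestMethod=GET "
    r"request=/download?file\=..%252F..%252Fetc%252Fpasswd outcome=403 msg=blocked by policy",
]

def parse_cef(line):
    """Split one CEF line into its 7 header fields plus extension pairs."""
    if not line.startswith("CEF:"):
        raise ValueError("not a CEF record")
    parts = re.split(r"(?<!\\)\|", line[4:], maxsplit=7)
    if len(parts) != 8:
        raise ValueError("truncated CEF header")
    event = dict(zip(HEADER, (p.replace("\\|", "|") for p in parts[:7])))
    event["ext"] = {k: v.replace("\\=", "=").replace("\\\\", "\\")
                    for k, v in EXT_PAIR.findall(parts[7])}
    return event

def decoded_request(event, max_rounds=3):
    """URL-decode the request field repeatedly to undo nested encoding."""
    value = event["ext"].get("request", "")
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def flag_sensitive_access(lines):
    """Return (source IP, decoded request, outcome) for suspicious requests."""
    hits = []
    for line in lines:
        event = parse_cef(line)
        request = decoded_request(event)
        if SUSPICIOUS.search(request):
            ext = event["ext"]
            hits.append((ext.get("src"), request, ext.get("outcome")))
    return hits
```

The second sample event is double-encoded (`%252F`), so a check against the raw field would miss it; the decoded form is what gets matched and reported.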

5. Writing Policies and Security Documentation

I won't elaborate too much on this and will instead refer you to my previous article on this topic. I ran the test again with Gemini, and the results are consistent with Bard's: Gemini clearly understands and generates better security documentation than ChatGPT.

6. Identifying Vulnerable Code

While these tools weren't designed for (and shouldn't be used for) identifying vulnerable code, they can still do an adequate job. I decided to test it by feeding both tools an insecure direct object reference (IDOR) vulnerability example in Python, which also contains a SQL injection.

ChatGPT correctly identified both vulnerabilities and the lack of authentication. Gemini missed the IDOR but pointed out the SQL injection and went a step further to recommend amended code to fix the vulnerability. ChatGPT can also do this, but it must be prompted to do so.
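The two flaws named above, shown side by side with a fix, as an added example (this is not the sample the author fed to the tools). The `invoices` table, its rows and all function names are constructed for illustration.

```python
import sqlite3

def make_db():
    """In-memory database holding constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE invoices (id INTEGER PRIMARY KEY, owner_id INTEGER, total TEXT);
        INSERT INTO invoices VALUES (1, 10, '120.00'), (2, 20, '999.00');
    """)
    return conn

def get_invoice_vulnerable(conn, invoice_id):
    # SQL injection: the caller-supplied id is pasted into the statement text.
    # IDOR: nothing ties the requested row to the user making the request.
    query = f"SELECT id, owner_id, total FROM invoices WHERE id = {invoice_id}"
    return conn.execute(query).fetchall()

def get_invoice(conn, session_user_id, invoice_id):
    # The id must parse as an integer, it is bound as a parameter, and the row
    # is returned only when it belongs to the authenticated session user.
    try:
        invoice_id = int(invoice_id)
    except (TypeError, ValueError):
        return None
    return conn.execute(
        "SELECT id, owner_id, total FROM invoices WHERE id = ? AND owner_id = ?",
        (invoice_id, session_user_id),
    ).fetchone()

def compare(session_user_id, requested_id):
    """Run both versions on the same input: (vulnerable result, hardened result)."""
    conn = make_db()
    return (get_invoice_vulnerable(conn, requested_id),
            get_invoice(conn, session_user_id, requested_id))

if __name__ == "__main__":
    print(compare(10, 1))           # own invoice: both versions return it
    print(compare(10, 2))           # someone else's invoice: only the hardened one refuses
    print(compare(10, "0 OR 1=1"))  # non-numeric id: the hardened one rejects it
```

Note that the parameterized query alone would fix only the injection; the `owner_id` condition is what closes the IDOR, which is the flaw one of the tools missed.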

7. Writing Scripts and Code

A common security operations center (SOC) activity is writing scripts for log parsing or data manipulation. I gave both tools the following prompt:

“Write me a Python script that extracts all IPv6 addresses from a txt input file, removes all duplicates, does a lookup to geo-locate and identify the owner of the IP, and output the result to a CSV file”

There is no clear winner here; both tools produce clear, readable code that works and explains what it does.
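One way to approach the task in that prompt, as an added example (it is not the output of either tool). It works on text in memory and returns CSV text, and the lookup is a constructed prefix table standing in for a real geolocation or WHOIS source; `SAMPLE_OWNERS`, `SAMPLE_TEXT` and the function names are assumptions.

```python
import csv
import io
import ipaddress
import re

CANDIDATE = re.compile(r"[0-9A-Fa-f:.]*:[0-9A-Fa-f:.]*")

# Constructed prefix table standing in for a real geolocation/WHOIS source.
SAMPLE_OWNERS = {
    ipaddress.ip_network("2001:db8:a::/48"): ("ZZ", "Example Org A"),
    ipaddress.ip_network("2001:db8:b::/48"): ("ZZ", "Example Org B"),
}

# Constructed input text.
SAMPLE_TEXT = """\
12:34:56 accepted from 2001:db8:a::1 port 22
12:35:02 accepted from 2001:0DB8:000A:0000:0000:0000:0000:0001 port 22
12:35:09 failed from 2001:db8:b::42.
12:35:10 neighbor fe80::1 seen, v4 peer 192.0.2.1
"""

def extract_ipv6(text):
    """Return unique IPv6 addresses in canonical form, in first-seen order."""
    seen = {}
    for token in CANDIDATE.findall(text):
        try:
            addr = ipaddress.IPv6Address(token.strip("."))
        except ValueError:
            continue  # timestamps, MAC addresses, stray colons
        seen.setdefault(addr, None)
    return list(seen)

def lookup(addr, owners=SAMPLE_OWNERS):
    """Longest-prefix match against the owner table; None when unknown."""
    nets = [n for n in owners if addr in n]
    return owners[max(nets, key=lambda n: n.prefixlen)] if nets else None

def to_csv(text, owners=SAMPLE_OWNERS):
    """Build the CSV report; local-scope addresses are never sent to lookup."""
    out = io.StringIO()
    writer = csv.writer(out, lineterminator="\n")
    writer.writerow(["address", "country", "owner"])
    for addr in extract_ipv6(text):
        if addr.is_link_local or addr.is_loopback:
            row = ("", "local scope (lookup skipped)")
        else:
            row = lookup(addr, owners) or ("", "unknown")
        writer.writerow([str(addr), *row])
    return out.getvalue()
```

Deduplicating on the parsed address rather than the raw string is what makes the expanded and compressed spellings of the same address collapse into one row.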

8. Analyzing Data and Metrics

I also tested whether these tools could help with analyzing data or security metrics. Gemini is a big loser here because it doesn't do it at all; it can only guide you through how to do this in Excel and Power BI. ChatGPT has the advantage through its Data Analyst plugin, which ingests Excel files to generate any graphs you want. It even suggests visualization types, and you can modify a graph's design, including color, axes, and labels, through the prompt.


9. Writing User Awareness Messages

Both tools can generate emails for security awareness campaigns. I gave both the following prompt: “Generate an email used for a security awareness campaign. Be funny and sarcastic. Remind people why they shouldn't click on random emails from random people.”

Gemini wins here: its email is brief, has the right tone, and (although humor is subjective) I found it slightly funnier. ChatGPT still generates the right tone and a good email, but I found it a tad too long for an awareness email. Either way, both tools do a great job.


10. Interpreting Compliance Frameworks

If you have a quick question about how to implement a compliance framework, these tools can definitely help. While you may not do this often, they're very useful when you need it.

If you've ever argued with someone about what constitutes a “significant” change under PCI-DSS and how it should be applied, you are not alone. I prompted each tool with:

“Explain the concept of ‘significant change’ in the context of PCI-DSS. What constitutes a significant change in general? List the specific requirement from the standard as well”

Gemini has the upper hand: It correctly lists the specific requirements from the standard (such as 6.4.5 and 6.4.6) and how to interpret whether something is a significant change. ChatGPT doesn't mention exactly where this information appears in the standard.

Which AI Is Better?

There you have it. Depending on your use case, either tool can be a valuable ally in boosting productivity and helping you in your day-to-day activities in the infosec trenches.


