“Would You Like to Play a Game?”

The AI-Accelerated Cyber Battlefield is Here Now


The 1983 techno-thriller WarGames, starring a young Matthew Broderick and Ally Sheedy, is credited with popularizing the concepts of computer hacking and cybersecurity in broader American society.

In the movie, which won three Oscars and has since become a cult classic among techno-nerds, a young hacker nearly destroys the world by compromising a Defense Department weapons system, almost triggering World War III.

To prevent a nuclear exchange, Broderick’s character turned into a white-hat hacker and outmaneuvered the artificial intelligence agent he had inadvertently provoked.

Truth is Stranger Than Fiction

In today’s actual digital battleground, hackers are using artificial intelligence to accelerate their Vulnerability → Exploitation → Weaponization kill chain. In other words, they can design and execute an attack technique against a specific enterprise target more quickly. The result is that breakout times are shrinking, and the window for defenders to respond and prevent significant operational and financial damage is closing. To counter this, like Broderick’s character, modern enterprises must “Play the Game” and fight fire with fire. They must become AI-assisted defenders.

AI in Cybersecurity: The Need for Speed

To respond to this imperative, our Xshield Enterprise Microsegmentation Platform™ uses AI to help our customers accelerate their ability to thwart emerging lateral movement attack tactics, techniques, and procedures. This helps balance out the advantage that hackers gain from AI-assisted exploitation.

Xshield Navigator is our implementation of a private-instance Large Language Model (LLM), enabling security teams to accelerate their microsegmentation policy design and rollout. It allows them to more quickly configure their network security posture to thwart potential attack methods before they cause significant damage.

The LLM is trained with three classes of data: telemetry and asset data from the enterprise environment; CISA Threat Advisories and MITRE ATT&CK Tactics, Techniques and Procedures (updated daily); and the Xshield knowledge base of segments and policy models that have been applied to the environment.

As a result, administrators can pose plain-English queries to the LLM to gain situational awareness of how emergent attack methods could be applied against their enterprise environment.

For example, they could ask, “For which CISA Threat Advisory vulnerabilities am I at risk in my US-West segment?” Xshield Navigator will quickly identify the assets and ports that are potential targets of the new attack techniques.

It will then propose microsegmentation policy changes to prevent the potential attacks from compromising the environment through lateral movement. This AI integration into the Xshield console enables the security team to quickly and conveniently configure traffic policies that eliminate the viability of that attack tactic.

At ColorTokens, we are committed to helping our customers prepare for the inevitable initial compromise, enabling them to stop the lateral spread of any attack throughout their enterprise landscape before the attacker can compromise their critical systems and sensitive data. We enable our customers to go beyond breach prevention; we help make their enterprise Breach Ready.

To schedule a conversation with our expert solutions specialists about how we can help your organization Be Breach Ready, you can reach us here.