Tenable develops new generative AI security tools to combat cyber threats

Ray Carney, Director, Security Response and Zero-Day Research at Tenable
Ray Carney, Director, Security Response and Zero-Day Research at Tenable

Tenable®, the Exposure Management company, has developed four new prototype AI cybersecurity tools to help firms combat a new generation of cyber threats and to create efficiencies in the cybersecurity research process. This includes areas like reverse engineering, code debugging, web application security and gaining visibility into cloud-based tools.

What do Tenable’s AI tools bring to the industry?

This development comes at a time when concerns are growing over the potential unintended consequences of unregulated AI, with more Australians demanding swift action to establish responsible and ethical AI practices. The Australian Responsible AI Index report reveals a concerning trend, with only 24% of companies having measures in place to ensure their AI practices align with global best practices, despite 82% believing they are using AI responsibly.

In response, Tenable has carefully embraced the technology and examined how it can be used to enhance both security and protection measures. The new tools outlined in an accompanying report by Tenable titled ‘How Generative AI Is Changing Security Research’ will help the cybersecurity community identify vulnerabilities efficiently and at a faster pace.

  • Reverse engineering: Tenable created G-3PO, a tool that automates part of the reverse engineering process helping engineers understand the code’s functionality quickly and efficiently without reading every line.
  • Debugging code: Debugging code requires understanding intricate technical details across multiple areas. Tenable developed an AI assistant that works with GDB to make finding and fixing mistakes in code easier.
  • Improving web app security: Web applications provide a unique challenge for researchers due to the complexities of identifying vulnerabilities within them. To improve web application security, Tenable created an extension called BurpGPT that uses ChatGPT and Burp Suite to help researchers find and fix common web application vulnerabilities.
  • Increasing visibility into cloud-based tools. Organisations often overlook the issue of misconfigurations in identity and access management (IAM) when it comes to cloud security, even though it’s one of the most common concerns. Since IAM policy misconfigurations are common, Tenable created a tool called EscalateGPT to identify issues in IAM policies and improve Tenable Cloud Security.

What do the AI tools mean for Tenable?

Commenting on the new solutions, Ray Carney, Director, Security Response and Zero-Day Research, Tenable, said, “The complexity of modern-day cyberattacks has opened up new avenues for generative AI to make a significant impact in cybersecurity research.”

“While we have only just scratched the surface of how artificial intelligence can play a role in security research, Tenable has already leveraged new tools that can act as a force multiplier and reduce labour-intensive and complex work that can enhance productivity and enable us to identify vulnerabilities more swiftly and effectively,” Ray Carney further commented.

To read the full report, please visit the website.