Predict, Prioritize, Patch: How Microsoft Harnesses LLMs for Security Response
Black Hat USA 2024 · Day 1 · Briefing
In this Black Hat USA 2024 talk, Bill Demirkapi, who leads Emerging Threats at the Microsoft Security Response Center (MSRC), explored how large language models (LLMs) are being used to improve the efficiency and scalability of security response workflows at Microsoft. Drawing on his background in low-level software and cloud security, Demirkapi shared practical applications and lessons learned from over a year of experimentation with LLMs, emphasizing that his perspective is that of an implementer rather than a machine learning expert. The core of the presentation addressed the escalating volume of vulnerabilities and security-related data, demonstrating how LLMs can automate repetitive yet technically demanding tasks and so aid in the prediction, prioritization, and patching of security flaws.