AI + Actual Intelligence

Marcus J. Corey: Whoa, I forgot. I forgot they gave me a rule here I have an AI bot following me. That's so meta. That's so meta. All right, I'm gonna try to move real slow so it follows your boy. All right, hey, I want to give a round of applause, applause for the organizers and the sponsors. Real quick. We really appreciate everything I'll do for the community. Thanks. Yeah, it's so awesome. I was here, man, it might have been almost five to 10 years ago sometime, and it's happy. I'm happy to be back in Charleston. This is awesome, and I'm very excited for AI, and so you see this talk ai plus AI, that's, that's kind of like what I've been talking about a lot lately.

So if you, if you ever follow me online, I've been kind of, you know, I've been actually doing a lot more talking. So almost five years ago, a little bit over, about five years ago, I sold my company, and I was like, kind of quiet for a while, and nobody heard from me, because I was heads down doing r&d and building stuff at reliques. Reliques based out of Tampa, Florida, and kindly relied quest shout out to my team. They actually got, flew me here, took care of me, because I had to come in to fill the gaps from my Devil Dog here. So, so a shout out to us for having, you know, getting me out here to give this

talk. So the last, last five years, I've been, like, focused on R and D. I built all kind of different solutions internally. So as my background is, I'm former US Navy. We got any sailors in the house. That's what I'm talking about, smartest people in the room, right there. So I was in the US Navy eight and a half years. I did cryptography and all kind of cool stuff. So that means I was a, I was a CTO in the Navy, which means I did communications operations, and I kind of like supported Sigi and operations all over the world. So what's cool about that is I got to be like an actual spy going across

the world doing all kind of super secret stuff. I can tell you what it did, but I had to kill everybody in the room. That sounds kind of dangerous on the college campus. I shouldn't say that. Sorry about that. So what I'm going to do here is talk about ai plus AI. So there's two AIS, there's actual intelligence and there's artificial intelligence, and I think that bringing them together is the is where we ought to be. I'm going to show you how I'm using AI in part of my daily life. I'm going to show you how I'm using AI at work. And I use AI for everything, like, any like I am totally like, I feel like I'm

almost I'm going to morph into a cyborg one day. I'm going to give you plenty of links. I'm not going to give you a technical presentation today, because this is a keynote. I'm just going to give you, like, some ideas and directions to go. And I'm pretty sure if you use one or two, one or two of the things I tell you to do, you're going to end up, you're going to, you're going to end up multiplying what you can do. So like I said, actual intelligence. Y'all free for, come on down. Come on, come on down. Y'all good coming down. Make yourself comfortable. We're family. We're hacker family here, ain't we? So this is going to be, this can be as

interactive as you want to. You can't fluster me. I'm an old I'm a crazy old country bastard from Texas. You can ask me anything at any time, if you have questions about anything I say. So I used AI to come up with a lot of this imagery you're going to see this is actually the new triber hackers logo. I'm kind of relaunching that tribe of hackers brand, and we're going to have a new triber hackers book. Funny enough, coming out, we're going to have a tribe of hackers on AI coming out very soon, next month, and it's going to be lit. I got, like, AI experts from all around the world in cybersecurity. I got

people that wrote, did stuff for open AI in the book. So it's going to be crazy. So you're going to you're going to really appreciate that new tribal hackers book. It's going to be tribal hackers, artificial intelligence that's coming out soon. So ai plus AI, remember actual intelligence. I've always been a proponent of teaching people and sharing knowledge and building the communities. That's what whole tribe or hackers thing was about. And it's pushing at actual intelligence. But I'm going to show you how, again, how I use it professionally, how I use it in my personal life. And at the end, I got a funny surprise for you, because I just released the book. But I'm actually about to I released two children's book

during COVID. I don't know if any y'all know that I did two children's books where I wrote and illustrated them, and then I did, I did a new book, but I use AI to do the new children's book. I'll show you how I did that. So tribal hackers, this is the we're relaunching it, and we're going to be definitely putting out more books and and all that stuff. So what the first thing I want to talk about is. What I what I kind of like. It's funny. So I work for relied quest. Rely quest is when I first met reliaques, people sometimes tell that they joke and say relied quest is like a cult where I work at so anybody

work with reliques here or no? Don't know who they are. Pretty cool company, right? But the thing that we have that I haven't seen in a lot of companies, is we have, we have mindset coaches. There. We have three mental performance coaches that work for us right our top mental our type. So I'm all about mindset. So hopefully what I'm going to do is kind of like impart some of that mindset stuff. You know, the military brainwash me. That's a mindset, right? And in mindset, it's so important. We have three full time we got, like, over 1000 employees, but we have people that full time just work on our mindset all the time. And what we focus on at reliques is

outcomes, outcomes, outcomes. Because sometimes it's easy to get to kind of focus on technology and stuff like that. But at the end of the day, if you're if you're employed by somebody or whatnot, and or you're servicing a client, what matters is outcomes. When we can talk all day, we can we can be the smartest person in the world, but if we're not producing outcomes, it doesn't matter. So funny enough, all these pictures are AI generated. Oh, and the best one to do that is grok, by the way, that's my favorite one to produce images is grok. That's on Twitter. You hit a grok button, you can just ask it to do any image. So I'm going to tell you the tip how I

got all these images today, the prompt that I use, because you know how you got to prompt these llms and AI stuff. I said, I said, draw me a picture that exemplifies this. And for a presentation, very simple. So in this one, this was outcomes. And so I said, Hey, draw me something. Create me an image that exemplifies outcomes. So all the images I actually created this morning before I got here, right? Just like most hackers, I waited to the last moment to prepare my presentation, but I know what I'm going to talk about, though. So outcomes over everything. That's my that's that's kind of like what I kind of like we preach at Elizabeth, and that's

what I think. It's a good out. It's a good mindset to have. It's like everything we do, can we create better outcomes? Right? That's the lens that we have to view stuff in in the hacker world, outcomes, outcomes, outcomes. All right, cool. So this is a little note by AI. AI is like the smartest fifth grader you ever met in your life. That's it. It's it's not, it is so smart it knows a lot, but it doesn't have a lot of real world experience like you do. I think that's the big, biggest difference between AI and actual intelligence is the real world things, because we actually can take in so much. We can we can take in so much more context. And I'll talk about

context later, because I'm standing in the room and I'm taking in everybody. I can see your emotions, I can look at the body language. I can do all these things. I'm aware at the time it is right now most llms, unless you tell it what time it is, it doesn't know that. So I know it's early in the morning coffee, if it's afternoon like you, just have all this context as a human and even with your children, me and my wife have my wife's right here in the front row. We have four kids, and my kids are brilliant. They're pretty smart kids, but sometimes, you know, my mom used to tell me when I was going. I

kind of relate to this, because my mom used to always tell me, even when I was young, she said, Marcus, you got all these damn brains and no common sense. So aI don't have common sense, and I don't think it's going to get better anytime soon. So that's how we have to treat AI, and we and we have to adjust our expectations, and I'll talk about expectations in a little bit. So it's super smart, but you have to sometimes it gets kind of wild, and we you have to set guardrails and all that stuff, just like you do have to, just how you have to set them with your kids and whatnot. All right. So now what I found is,

what I'm going to go through, like, how my history with AI real quick. How you doing? So, I've been, I've been, so how many you got? I mean, I'm kind of old now. I was, like, I was, I was eight years old when, like, war games came out. Like, how many War Games fans in here? All right, classic movie, if you haven't seen war games yet, it's a much read on the hot on the hacker list. If you want to understand the hacker culture, you got to watch some movies. You insert movies you just got to watch. And definitely war games is one of those. But anyway, war games is awesome because I was eight years old

and I'm watching this movie, and Matthew Broderick is hacking into this government system, and it's an. I right? So I tell everybody I've been waiting for this since the eight since I was eight years old, since I was a third grader, I've been fascinated with AI because I wanted to be Matthew Broderick. And nowadays, when I can go to chat and ask you to, you know something, it reminds me of war games. That's what that's where it takes my mind, right? And that's what, that's what's awesome about it. So over the years, what I what I've been able to do, is I've always tried to automate, automate, automate, and that's what I've been doing my whole career, scripting stuff, like UNIX systems. Back

in the day, when I was in the Navy, I got into, you know, scripting stuff, and for Linux, all these different things, and scripting was kind of the first way to get into this. I'm going to start talking about books a little bit. So it's a really good book. One of my favorite books is called on intelligence. Anybody ever seen that book? Very, very good read. And the reason why it's important is because, you know, the whole thing about to understand, you know what, what may happen in the future. You know you need to understand the past. Well, the guy is named Jeff Hawkins, who wrote that book. Jeff Hawkins is kind of a big deal because he invented the palm pilot. I know

some of y'all are too young to know what the Palm Pilot is, but it was a big deal when I was growing, when I, when I, when I was younger. So the PalmPilot. What's interesting about the Palm Pilot is it was like the first handheld, like little thing that everybody was taking around one of those things, and then the BlackBerry came, then iPhone came, essentially. So not too long ago, you could even get internet. You get articles and stuff on it. So the palm pilot was a big breakthrough. So the cool thing about this guy is the same guy who met the PalmPilot wrote this book. He also is a neuroscientist. He's a trained classical neuroscientist, which is pretty cool, because in this

book, he breaks down how the brain works and how AI works, and he goes through all these algorithms. And one the funniest thing about that book is he's absolutely a skeptic on AI, like general AI, he absolutely he destroys it. But this book was out before llms. I hope he does. I hope he re I want to hear his thoughts on llms. Maybe I can find his blog. I haven't checked it out. It's still one of the best books. And the reason why that book is so good, and I recommend you all take a look at it. Is he said that he does not believe that a general AI is ever is going to work. He said the brain is too complicated.

It's too big and all that stuff. I believe he's right, because even with the llms what we're seeing, he said that you don't try to worry about creating the human brain, just create intelligent machines, is what he says. Now, an intelligent machine is something that's very focused on one thing, like a Roomba or something like that, that's all to do is this goes around vacuum cleaning, and then this is the big breakthrough that I see with in cybersecurity. And in AI period, people are getting down to this, what they call an agentic approach. You have heard people talk about this, and because this actually aligns with what Jeff Hawkins was talking about in that book. You're like, you can do all this stuff. You can

ask it any question you want to, but the more you narrow down and whittle down and say, I just want you to just take a threat feed and give me something. I just want you to just look at emails and look at the header, this, this, this, and that those are actually the solutions that we were finding really good success with, because you're narrowing the scope and you're not trying to ask it to be the end all be all to everything. And that's exactly what he said in this book. This book was written 10 plus years ago, before any of this whole LLM stuff was out. But what he's this dude is almost like a prop.

He's like, prophetic. That's the first book on intelligence, if you can write notes down. I'm telling you these books good. I listen to everything on Audible myself when I'm driving or walking or whatever. The second book is called The Master Algorithm. This book is amazing because he goes over all, I think people, if we're using it, I want to know what's going on behind, behind the scenes. A little bit the Master Algorithm. I'm going to mess up his name. His last name is Dominguez, but the Master Algorithm is amazing book. And what that book talks about, he talks about all the algorithms, and he says the same thing, essentially that the other book said, but he gives

you a history of all the algorithms. He he goes back. These guys are going back to sometimes ancient civilizations with some of this stuff on how things were done, like actuary science and all these different things. And what he says is, you have to combine all the algorithms to have a Master Algorithm. Same point, there's going to be certain use cases for classical data science, and there's going to be certain use cases for llms. I've been putting my hand up so much. Is it still following me? Probably. So I'm probably good. We're good, all right, so I'm just a hand waving thing, and AI hates me. I love you, though I love AI. All right, so that book, The

Master Algorithm gets to the same point now. And so what we have to do as cybersecurity professionals, we have to figure out how we can, how we can whittle it down and give it the right context. And we have to do, quit doing some things that I'll talk about later. Some things make me laugh. What I see people doing. People try to trick AI, and it's just funny to me, I don't understand it. So let's talk about the automation stuff. All right, so when I did threat care, what I was trying to do, I was the first breach and attack simulation thing on the market. When I did it, I actually did a talk in like, 20,

2009 2010 I did a talk at DEF CON, where I wrote these things called vsploit modules, vsploit, and I wrote those modules for Metasploit, and I did a whole, I did, I did a DEF CON talk on it, and all that stuff. And after I left rapid seven, I started my company where I created breach and attack simulations, and that's what, that's what I was doing. So there's attack IQ that are big, and all those people, safe breeds, and all that stuff. I was the first person to ever did that, far as I know. And one of my friends, John strand, y'all probably know John strand the Black Hills, he said, Marcus, you're an amazing

innovator, but you're terrible businessman. That's what, that's what my bad John told me, and I he's right. I've created all kind of stuff. Also, back in the day, I created something, how many y'all use Canary tokens, right? I created the first Canary tokens ever, too. It was, I called it honey docs. And that was, that was kind of a big deal when I did it. Actually got that off a book that John strand and Paul edori, and they wrote a book called active countermeasures. And I saw a I saw an example of them doing it in that book. And what I said, Oh, I can actually build a web app to do that and do automated

documents. So how my mind works, and I've tried to impart what my how my mind works is seeing something simple. How do you automate it? That's how my mind works, and I think most of us are capable doing that in AI. What AI has done is it's allowed us to take stuff that we do every day, mundane task, like, who wants to look up virustot every day or every hour or every minute, every time you see something? Feel me, why not automate that? There's APIs for that. Can AI look? Can AI use APIs? AI can definitely do that. Yep. So it's all these different things that you can do to automate, automate, automate, and that's the mindset, I think, the security we need to talk

more about mindset and like, how do I break these problems down? And that's going to allow us to leverage, it's going to allow us to leverage AI way better. Does that make sense? All right, cool. Again, all these different all these images are AI driven, and I love it. So told you about some of the things I did. So when I was at threat care, what I did is actually started using AI. What I did is I did NLP, I took voice, and I was like, hey, run, a run, a run, a ping sweep on my network. So I created this thing called Violet, which was a which a virtual assistant at my company. It was called Violet, and you could talk to it in your

browser, a run, a scan, download business documents. You could do all this voice stuff, and it did it. It just did these attack simulations, and it did it by voice. I was way early, and sometimes, if you're early, that's not a good thing, right? So I created this AI assistant a long time ago to do vulnerability testing and all that stuff and breaching the tax simulation. So that was about 10 years ago. So again, like John strand said, I've always come with these ideas, but I kind of got lucky, and I ended up selling my company a threat carrier to rely quest. And that's how I got to rely quest. And so I've been to allow quest by five years. I ran my company

six years, you know, you know, hacking away at stuff, and now I've been at reliques for five years. So what's cool about OpenAI is I work with a pretty cool team. I work in the Office of CTO there. We're a small crack team of people, and we're like, we just try to invent solutions all day. We do R and D, and then what we do is we pass it on, right? We pass it on to product and try to get it productized, right? So one of my good friends, Jonathan echavarria, I work this super he used to be Facebook Red Team. Super smart hacker, smart guy, so he's always signing us up for stuff. So we. Got, we got early

access to open AI, right? And so what happened was, every Christmas, it's like a two Christmas holiday. Whatever the holiday season is, we get, like, two weeks off, right? And, you know, I get two weeks off at least. And so I actually do personal experiments every year, so I'll hack away. I'm off. I'll just, I'll just build projects. And so we got access to about two over two years ago. We have access to open AI. I didn't touch it. I was so skeptical of a of AI because I tried to build something with AI. I knew the shortcomings. I read really good books, like I told you all the books that I'm talking about, and they absolutely destroy AI, I was skeptical. So what I

downloaded is, I downloaded this app because OpenAI created this they included this web app. The web app was, it was kind of cheesy web app. It was written in next js, but the web app allows you to put an animal name, like any animal, dog, and it would suggest you a name for it would come up with a name. This is super cheesy, but that was their example, right? But immediately I was like, man, if it can do that, I'm always remember the actual intelligence piece. The actual intelligence is, hey, what if I said, Give what is, what does DNS do, or, what does this port do? Tell me about this. So I started asking

IT security questions. I kind of hacked the web app to answer my questions. And that's where I was like, wow, this is actually pretty dang cool, right? This is cool because it's answering security questions, it's answering port information, and any analyst will love that, right? So what I did is I rewrote that whole, that whole thing to be an API. And what I did is I built a Chrome extension for Chrome and Mozilla, I mean, for Firefox, because my buddy Jonathan, he loves Firefox. I don't understand why he loves it so much, but he does. I'm more of a Chrome user. I can't lie, for better or worse. So we wrote a we wrote a we use. We wrote a

Chrome extension. I created, I transformed that app to an API to just do calls, and what we were able to do is do DOM manipulation, to pull Dom We pulled the information from the DOMs, and Dom was so our platform is called gray matter, so we have all this information, just like many other systems have. What I did is I did DOM parsing, and I parsed the information I wanted, and started creating these bad ass reports like, this is, this is stuff is not in our product, but this is stuff like, holy crap. This is crazy. So because sometimes you have to hack even internally, you got to have your vine like that. So after seeing what we could do, I actually

made it so slick that I actually wherever I wanted to put reporting in gray matter, I put a little robot icon there. And so if they click on a robot, it opened up a modal, and it did analysis on whatever, using AI. And this was really bad ass. So that was almost two years ago. We did this. And so I would say that I'm practically I've been building these solutions internally at Rock quest for a while, and now we released that. We just released it recently. We released the autonomous agent that does go it goes those triage and all that stuff. We have that technology, but it's the hacker mindset that I have, is I'm always thinking like, okay, how can I do this in that,

you know, experimentation and tinkering around, does it now, none of this stuff, I don't believe, none of this stuff is super hard. And I encourage everybody to do it. I encourage. I'm just a dumb boy from Texas, you know, I'm saying, plus a sailor at that. I don't, you know. And we don't get too much, especially for Marines, you know, Sam Paul, anthropic, so open AI, play with that. Anthropic is also one of the they're right on the hills right now of open AI, in my opinion, one of the, one of the one of the smart guys from open. AI left and created anthropic. So they got a pretty awesome team over there, and it's a different use case, right? So and, and

what's cool about it is I would actually recommend that you do you you look into open AI, and you also look into anthropic and Claude as well. Because what I like about Claude, it does really well with being able to incorporate knowledge into and knowledge meaning that say, if you want it, if you're managing the security program and you need to make sure that all your security policies are aligned and up to date, or recommendations, you can actually upload all your security policies. Very neatly and Claude and say, Hey, can you please do an analysis of my security policies? Or if you're a customer, I mean, if you have a customer that you're doing, if

you're a consultant, this could be a whole line of revenue for you, by the way, to be able to do assessments, sometimes you have to look at a lot of documentation, and why not just upload that documentation in there, and that's going to be that's the documentation, also using your subject matter, subject matter expertise at whatever you do, whether it be auditing or whatever, that's the actual intelligence, right? And then, of add context, you can do what they call custom instructions on cloud, and you can tell it you're are an agent that are going this auditing for compliance, this auditing for this, or this that. And a third, you can tell it exactly what you

want to do, and it will actually write, it will rewrite policies. It will create policies out the blue. It will do whatever you need to do. It's absolutely mind blowing. I've seen so many dank people present on, on presenting on these things. But I recommend whatever you do in your day job, figure out how you can do use AI to do it. I am. It's gotten to the point where I'm I'm not even impressed when people do these AI demos anymore, because it just all make sense to me. It's super simple. No matter how much abstraction people do, people will make it sound all complicated. Oh, you got to do rag. You got to do this. You got

to do this, this memory thing and this state thing and all that stuff. No, they're giving it some data and they're prompting it right, and at the end, you get amazing results, no matter how much, how many abstraction layers they do. Anybody can do this, and I get props to open AI for making this super easy. Did y'all know that Google is actually under pressure and Google might be collapsing? Did y'all know that, because nobody's using Google search, no more. Everybody's going to AI or going to open AI or anthropic or whatever. Google had all the market advantage in the world, all the data in the world, and they fumbled the bag big time. So there's a lot of

talk in the circles that you know they might be firing Google's CEO all kind of, all stuff. So it's they are under pressure because nobody's using it, nobody using Stack Overflow anymore, either, like all these companies are under this pressure. And here's the deal. And this is what I wrote, this new book that I wrote, I wrote a book called hacker Inc, right? I think cybersecurity professionals are under pressure too, from Ai, right? And that pressure is a lot of people are worried about their jobs. A lot of people are worried about, man, if all this automation isn't going to automate me out of a job, I would say, No, not necessarily, not necessarily. There's a really good book. I'm always a book guy, and this book

is called The fourth age. It talks about this. The fourth age is a book on robotics and artificial intelligence and all that stuff. The reason why this book is so important is what it talks about. It talks about the history of technology. Technology has always replaced jobs, right? But the primary thesis is it's also created more jobs. So you're not going to have to be doing crappy stuff anymore. There used to be people that used to get paid to just all they did was, you seen, you know, you got traffic people like sometimes the cops directing traffic. They used to be a job in a lot of cities, but they put up lights, and that job went away. There used to be a

lot of candle making jobs. There used to be a lot of Lancer making jobs. Well, electric lights, there's no more of those jobs. But what electricity did is it created better jobs in other places. So I would say in cyber security, what you're going to see is you're going to be able to do cooler stuff. You're not going to have to be doing crappy, crappy stuff, like just looking up, manually looking up. And this is what I this is what I did in law quest, right? All right. I need to look up bars total. All right. Oh, I need to look up this domain thing. I need to look up this thing right here. I need to look

up this thing right here. And we need all this information. Because sometimes, contractually, the customer we have, we have to have all these proofs of evidence we have, you got to look boom, boom, boom. It drives analysts crazy. How many people have to do all those lookups? What? Yeah. So you can automate that, right? And even, like with AI, what you can do is you can build tooling to say, here is access to all these APIs AI, why don't you just go look it up, summarize it and give it to me. Same thing with phishing emails. If I can look at a phishing email and say, Hmm, that subject, that subject, kind of weird. But I'm looking at the

who it's from. I'm looking from this. It's an IP address on there. It's all these different things, the same thing you do as a human. You just automate that. So I do think that we have to skill up in cyber security in general, because a lot of people don't want to code. A lot of people want to do stuff. I think if you don't want to, you're going to have to learn how to code a little bit enough to interact with these systems, these and some of y'all going to make a lot of money off building companies and solutions to sell or services to offer. So I think that this opens up a whole new world for us now. Anthropic

again, anthropic is awesome, because I'm gonna talk about tokens in a little bit here. You can do 200,000 tokens to cloud 3.5 sinene, all right, so when just and that's a big number, because when it first came out, when I was first playing with it, two years ago, when I was first playing open, AI, it was only 4000 token 4000 token limit. You could only ask little bitty questions, and if you wanted to pass a document to it, you had to do some complicated stuff, like you had to, you had to chunk the document up. You would have to do this thing called embeddings and their similarity searches and all this other programming things. But now you don't have to do that

with anthropic Claude 3.5 you can, you can do up to 500 pages of context in one swoop, with one swoop. You can, you can, you can do all this work that you you normally would have to manually do. This is an absolute game changer. Nothing you and like I said, what, what was happening before is it would have to keep on reaching out for data every time or or do some other thing, but now you can actually throw all this information up at the sun, so you can do all those look ups, right, throw that into the context window, and then get a result based on your knowledge. Every company is different. Every company does IR different. But whatever your, whatever your

actual intelligence is on how you do that? That's, that's what you tell the that's what you tell the Elena to do this. It this. This shouldn't be mysterious at this point. Let I tell people, I'll be a terrible magician, because I just tell all the tricks. So how do you start experimenting, right? I look man AI does some hot diagrams, right? It looked like some of Breaking Bad, right there. Where do you start experimenting with, right? Like I would always start with things that you know best. I see sometimes people are trying to go, kind of get out their lane on different things and that I think we all need. My buddy tells me sometimes people need

Lane Assist, right? Because you might think, oh, AI, is cool. I need to do something I've never done before. Ai, no, that's not how you do it. What do you do every day that you know better than most people? That's where you start your experimentation. I know this process from A to Z. I'm going to automate this process and I'm going to use AI. That's where you start, and that's where you're going to see real gains. What's funny, some of y'all work from home. Y'all might be able to put your job on. Y'all might be y'all might be able to just totally outsource yourself at home, but that's how you got to be thinking, don't try to do something crazy and weird. What

do you do every day that can save yourself some time? Those are the tasks that's going to make going to reap crazy benefits. And if your entrepreneur mindset, that's how you can just how you going to make a bag. If you do audit, compliance audits, or all this stuff, throw it in Claude, tell it how you want the report you can. You can throw all the compliance documents in there and you say, hey, Claude, this is how I write. This is how my compliance reports look. Can you take all this documents and make it look like this? Boom, that's all you got to do. This is unfair. So in business, we always talk about unfair advantages. Unfair advantage

means what your unfair advantage is your what you have in your mind. Because what's funny, everybody has access to these llms Now, but everybody's not getting the kind of results that everybody else is getting. Why is that? It's because some people are. It don't matter what you do. I. I used to think when I was young, I was like, Man, the internet's gonna change the world, right? It's gonna make everybody get accurate information. It's gonna educate everybody, but I think the internet has made us dumber. I mean, so just because everybody has access to this stuff, don't mean everybody's gonna do it. You feel me. All right, talk about tokens. This is where it can kind of get expensive if you're playing around,

experimenting with yourself a little bit. So again, small baby steps. Don't try to boil the ocean, just try to automate something small, because the tokens do cost money, right? And even for a big company, you know, back in the day where people started first playing around with AWS. Sometimes they got these crazy bills. That's the same thing with AI. Like, sometimes you might get a bill like, God, dang. I didn't know I did that much automation, you know, but, but make it make sense. Set set limits on how much you can spend, and all those different things. I remember, there will be some weekends, and don't tell my wife. I'll tell you that even though she's sitting right here, I'm going to tell you something.

I accidentally spent $200 on open AI like doing fine tuning of a model. It was wasted, because now I know that fine tuning really doesn't do that much. Right? What I would say is that what you need to focus on is prompting and prompt engineering, and that's the term that everybody, everybody uses. Now, let me just go over in general, why AI is way better this LLM stuff is way better than all the classical training data science things, right and and I would say outcomes. I can create outcomes faster than anything with these llms than before. So how the classical data science thing worked? What they did is they would they would go in, they would train a

model, they would do all this testing, worry about all these other things. It would take them six months to kind of do something. It'd be like a crazy long sprint, maybe a year, and then they put it out, if it just don't work. Oh, dang it, they don't work. We got to go back to drawing board. We got to go back to drawing board for six more months. Come back. Dang it didn't work again. And these guys are expensive. These are these are hot, so now, but what you can do now is you can take, I can go to chat, GPT, I can put a data, put a log in, hey, parse this log for me. Boom, instant results. And that's, that's the

big difference, and that's what I want people to recognize. But it can be avoid doing stuff like I did and spending all that money on and you didn't hear that baby, you didn't you didn't hear none of that. You have to be adaptable. This is supposed to be like some kind of space age cockroach. I don't know if it looks like that, but AI, I think AI did. It looks pretty good to me. I don't know if that's a real animal or not. It could be hallucinating a little bit. I asked for a cockroach. He gave me that. I was like, that looks good. That looks very cyber ish, you know? So I was like, let's roll with it, right?

So you got to be adaptable, right? Sometimes, I'll tell you a story when I was at NSA. When I was at NSA, I was actually when I first got to NSA, I had a crappiest job at NSA. I had a messaging job. Messaging was I would response. I were responsible for kind of fixing messages when they didn't work. This was way before email systems. I had to I had a job where if I would get an alarm, if a message aired out, and I would have to go in and fix the message. It was mind numbing. But they put me there. I think that I got, I got some kind of face that says, let's put Marcus

at the crappiest job, wherever he goes. So, but we had, we had, I had this crappy job. But over in the back, they had people that were doing Cisco, internet working and all that stuff like that. And I wanted to get over to those jobs. So what I started doing is I started doing is I started studying, and I got my CCNA, and so I eventually got to move over. There. I was the first CCNA in the whole shop. So everybody else was doing, they were doing networking, but they weren't studying and didn't have the dedication, right? So I was in a crappy situation, and I was like, All right, cool. I'm going to work my way up. I think that

anybody can, if you actually get above this, if you get ahead of the AI thing right now, it's going to put you in a sweet spot from a career perspective, because you're going to be able to create solutions. And the more you know how to talk to these llms, the better it's going to it's a superpower, really. So if you learn how to start automating stuff and doing stuff in it, you're going to be you're going to be good to go. So you got to be adaptable. If you know how to code, learn enough code. Learn Enough Python probably is a good one to actually manipulate these llms and start getting outcomes, because you can do stuff with with the GUIs that the open AI

give you or Claude gives you. However, to get more bang for your buck, you want to connect it to your own custom APIs and do stuff like that. Yeah, and that's cool. So if you can do some scripting, cool, if you want to get into building your own web UIs, I would recommend next js, and that's what I use for all my applications, because next js, OpenAI, has stuff for that. There's this really cool SDK called versl SDK, called versl Ai, SDK. Check that out. There's also, for Python people, there's this thing called Lang chain. You ever heard of that anybody a player on Lang chain? Yet Lang chain actually helps, allows you to make tooling, doing, calling and all that

stuff. So anything, any presentation you ever see on AI is using something that I'm talking about, and even those are abstractions. I think Lang chain is too hard. It's too much, too much abstractions. You could simply do your own stuff, like, for instance, like what happens? What you'll see is Lang chain will come out with tool chain, and then open AI, see what they're doing, and then open AI, release their own version of that. So this, this iteration over the last two years, has been mind numbing, and you have to be adaptable in order to get to get over it. So that's what it is. So people write these things for this particular tool set. Maybe it'll

be Lane chain, and then open AI, change their API, and then none you wrote, none you wrote works. So this thing is moving that sets a fast pace. I'm saying be adaptable and keep and keep iterating. I talked about the tools, and I'll reiterate, Python, right? Python is used for, like all machine learning. You probably heard of Jupiter Notebooks. There's actually you can get these Jupyter Notebooks, this pre done Python programs that you can actually run that Python locally or in Google or wherever you want to. That's very cool. I'm in love with next JS because next JS does front end and back end at the same time. Sometimes if you write scripts, you're the only person

that's going to run that script, but you write a web app that makes it easy to do. And there's also this thing called streamlet. Anybody ever play with that? Yeah, so streamlet actually can make some web, web UI stuff too. So make whatever you do, make it super usable by other people, and you're going to get some traction doing that stuff, data privacy. I'm talking a little bit about data privacy. So a lot of people worry about data privacy when, Oh, are they going to use my information to do it, or they already have your information I was playing kind of so what, what you do have is with with Azure, because Azure is partnered with open AI, you can actually have tenants that

don't save your data. So you can actually send customer data up there. It processes it, and they have guarantees that it's not gonna, it's not gonna capture information, but work with your legal work with the lawyers, and work with the legal stuff. And that's, that's something so you can, they won't save your information and they won't use your data for training. Open, AI also has that and everything anthropic every nobody wants to be trained on data. So that's so don't I worry about outcomes. By the way, I worry about outcomes. And if you tell your customer or your company, here's here's, here's what the risk is, and we mitigated that risk, let's focus on outcomes. That's what I try

to do. So I'm not as worried. I'm not worried so much about data, privacy of this stuff, hallucinate, hallucinates. Hallucinations. I'm a Texan, you know, we can't talk in English. So hallucinations is a big thing that people talk about all the time. It's real, because sometimes you'll get funny results. I laugh when I see people trying to trick AI, because I'm like, is the outcome just have a giggle. Are you trying to get a real serious business outcome, right? And I understand there's people pen testing these things, and there's bug bounties and all that stuff. And you know, some of my friends are participating in these things. Some of my friend, my friend, runs a book, a bug bounty program for

Mozilla, right? So, but for all the rest of us, yeah, let people find bugs, just like a lot of people do, bug crowd and all that stuff, but the rest of us need to focus on outcomes. What outcome can you have for your customer and like, what outcomes can you have for yourself? Right? Let's focus on outcomes. Hallucinations are real, but the more context, the more data and all those things you give it, the better results are, trust me, and you give it tight guardrails too to operate in, like I only want you to look at emails, and that's the only thing you do, that's your existence, is to be a master at this. Don't make up some other thing about threat intel, or

don't make up in. The other stuff. Just look what you see and give me a outcome. Do you have to talk to it like I said, like as a fifth grader, these are the rules you gotta sometimes you should see some of my chats and my some of my prompts. I'm Bob. I'll be saying some crazy stuff to the joint expectations. This is, this was a this, right? Here is a funny prompt. I said, Hey, draw up gender reveals and you're not happy with the results. It kind of looks like that, right? We have to manage expectations. Manage expectations, right? Now, what's also hilarious is when people do something like, man, it's hallucinating. And I'm not going to use it at all. I'm

like, bruh, you are wild. You are wild. Like, like, if, just in this case, if they don't, even if they don't, like the gym, they're gonna have a beautiful baby. We can't throw the baby out with the with the bathwater. It actually was part of the funk. We ain't throwing the baby out the bathwater. We have to use AI. You have to learn to leverage it, eliminate hallucinations, do all those things you you if you don't do it, you're gonna be a dinosaur. I tell people, I'd rather be an Android than a dinosaur or cyborg, than dinosaur. There's a lot of dinosaurs I heard. Don't want to do it. Context is king. Yeah, it's amazing. I love that. Context is king. The more

information, the more context I'm beating this down. This teachers used to do whenever you lecturing right. Context is king. The more information you give it, the more guardrails you give it, the better outcomes you're going to have. What's cool about this is you can even say, Hey, do this and give me a JSON output, right? And then you can plug that up into another system, another pipeline, do all this stuff. I want it in JSON. I need this in XML. I don't know who would do that, but some, some of y'all out there, right? Maybe you need XML, but you can actually use it to translate languages, right? Boom, all right, boom. We're not in, we're not in the I know somebody in

here has got a call from a Mexican, like a Mexican company or Puerto Rican thing. They want you to do the work. But I don't, you know, no, Hablo Espanol, Senor, right? But what's awesome about this is it's multilingual. Out the box, you can write a Penta support from Spanish. It's crazy. There's no magic bullets, right? What's funny about people talking about hallucinations and all this other stuff and all that is, or any other system you ever use it, so none of this stuff's perfect, right? And even, like, what I would do is I will say, like, Hey, you worried about my AI thing having a hallucination? But Billy Bob is wrong all the time about everything, right? Yeah, there's

no magic bullets. No doubt, no doubt. Can y'all tell them, pro AI, where to start? Start with something you know, right? And this is the big tip, right? Here, go prompt yourself. So if you don't know what to ask AI, you you use AI as your AI Sherpa. You say, AI, I want to do this thing. Can you tell me how to prompt an AI for it? I want to create an image, or whatever. All these crazy images I created. I created something different, but you could say, I want an image of me at B size Charleston, blah, blah, blah, blah, blah on stage, blah, blah. Can you please prompt that for me? It'll use all kind of

language that the Texans don't know create an iridescent scene in natural lighting and all this other stuff like that. It will like, wow, I didn't even know those words existed, but you can plug them into the LLM, and it'll create exactly what you want. And this works not just with images, it works with code and everything. Has anybody ever tried to this is a really good pro tip. I'm trying to give y'all some sauce. You listen to what I'm going to say right now. You can. You can take any problem that you want and say something like this, try this next time you're at chat, right? I need you to imitate three different experts in cyber security and solve this problem.

I need you to debate this topic and then come up with a resolution. What, what I just said, is going to blow your freaking mind if you haven't tried it before you I want you to give me three experts to debate a topic. I want you to debate the topic so I can see it and then come to a conclusion of that topic, what it's going to do. Sometimes, when you ask chat to do it, one time, it's in a first person persona. Yeah, but what you're doing is it's going to take different angles to try to solve the same problem, and then it'll come to a consensus based on all those inputs. Are you kidding me? This? This is

crazy. I mean, this is so lit. I don't know why people ain't using it. If you're not using it, you just use this. Wow. I mean, I don't understand the rationale for not using this technology. Again, don't be surprised by anything you see when it comes to AI. I think this is my last slide, but I do want to promote my book real quick. So this is my newest book. It's called hacker Inc. And why this book is important, because I teach you how to leverage AI to enhance and market your own career. I think everybody has to be their personal CEO. No matter where you work at, you need to take charge of your career, because now, with ai, ai, if you if you

trash AI, is going to take a job. If you don't got no skills, you might be in trouble. So this book teaches you how to use AI to level up. You can use AI for interview prep. You can use to help your LinkedIn stuff. You can say, hey, AI, I'm interviewing for this job, right? Can you please interview me? And you can do it all with voice with the chat GTP app. It can interview for your job, and you can do a role play with AI, right? You can even say, I'm interviewing for this job at this company, and it will take all the context about that company and interview you based on that. Why? I mean, why aren't

people using this I'm done. So that's my that's that's my talk. I'm sticking to it. I appreciate y'all for coming and welcome to B size Charleston. Thanks for having me, brother.

Unknown: I.