
BSidesCharm 2025 - AI Agents Could Be Running Your SOC To Prevent Cyber Attacks - Keyur Rajyaguru

BSides Charm · 23:08 · 76 views · Published 2025-05
About this talk
It is becoming increasingly complex to defend against zero- to low-cost attacks generated by threat actors (TAs) as they leverage sophisticated Generative AI (GenAI)-enabled infrastructure. An orchestrated workflow run by a team of AI agents presents an opportunity to respond better. To avoid burnout and alert fatigue among SOC analysts, a shift in strategy is required: automating the routine tasks.

Keyur Rajyaguru currently works with Walmart Global Tech as a Lead Intrusion Analyst and has a keen interest in the safe use of AI systems. He mentors the future workforce through his webpage, www.topmate.io/kpr. Last year, SANS named him a finalist in the Rising Star category of the Difference Makers Awards 2024. He supports the infosec community by volunteering at local conferences, actively contributing to open source bodies (OWASP, Atomic Red Team, CoSAI), and serving as a panel member of the Globee Cybersecurity Awards.
Transcript [en]

Welcome everyone. Just want to make sure it's audible right till the end. Okay, awesome. Thank you. Welcome everyone. My name is Keyur Rajyaguru and I'll just use this blank to introduce myself. I work with Walmart InfoSec; I work with their cyber defense operations. I work really closely with the intelligence team, the detection engineers and the devs as well at Walmart. Before working for Walmart InfoSec, I worked a couple of years as a security consultant with Unstand, designing security operation centers for some of their clients. And before that I spent close to two and a half years as a network engineer working for a financial client, a bank. So that's the background, and I'll start with the topic.

If anyone wants, you can scan this one. It's going to pull up an article which is a foundation of this topic or this talk. So, getting into the topic, it's about how AI agents could be running your security operation center to prevent cyber attacks. People working in a SOC, can you please raise your hands? Any SOC analysts? Okay, quite a few. Quite a few. Okay, I see one there. Yeah. So, security operation centers: burnout is a real problem. The volume of alerts that the SOC team has to handle is really huge, and we are going to talk a bit about a SOC first and then the problem, and I'll just walk through the proposed concept of a semi-autonomous security operations center. Not assuming everyone is super familiar with security operation centers, I'll use a slide or two and spend a minute or so explaining the SOC, the role of a cyber security analyst, why it is a problem, and I'll touch a bit more on generic automation, and then we'll move to the topic of AI agents and how a group of AI agents, or an army of AI agents, can be used in a security operations center. I have a short example, and we'll go through some challenges.

So, explaining a bit more about the SOC. Yeah, it is just 31 years old. A security operation center for any organization is basically a team of 24x7 analysts who will be working to protect the company's data and intellectual property, and the way it would work is the SOC would work off of alerts or detections that the detection team would create. Now, breaking down an alert or an event a bit more: it is a set of rules or a set of logic which triggers based off some thresholds. For example, your company might be interested in knowing someone is logging in from an unauthorized location or a different country. It can be an alert. A simple alert could be someone failing entering passwords, or brute force attempts like 25 passwords in 5 seconds. Those kinds of things. So all of these are alerts, right?

So now the problem is, to handle these alerts, security analysts have to use multiple tool sets. Obviously there is the SIEM or SOAR or any input mechanism, wherever you get your alerts from. Then to handle that alert you need access to Active Directory. Sometimes you need access to ticketing tools. You need access to the proxies, you need access to the firewall logs and those kinds of things to analyze that particular alert. Sometimes you need to go through HTTP traffic. You need to know those codes. PowerShell obfuscation: you need to decode it. You need to take some actions. If it is phishing, you need to analyze the complete URL, you need to purge those bad emails. So there are a lot of things that a SOC analyst does. And on top of that, all these things are very time-sensitive. So everything is done in a very high-pressure, high-speed kind of environment. So that is also a challenge.

So all this manual process has to be addressed by some sort of automation, and not just cyber security but every other industry in general, we see, relies on some level of automation. For example, one wants to design a website wherein they just want to pull in the best deals available on a product based on all other websites. So there is web scraping that is done. You collect that data, you put it up; all that is automated. So this is one simple example of automation. Think of a more manufacturing-level or warehouse-level automation: you see that boxes that need to be shipped to New York land in there out of the whole chain; boxes to be transferred to Chicago will go there. So this is all automation that we see in our daily life. The challenge here is these automations are very much predefined and static and do not have their own reasoning abilities, do not have their own mind in a way, and many times these are very difficult to modify or change on the fly. It needs a lot of work to change those things. So this is the problem with traditional automation. For now, in the SOC, we have in a way already migrated from SIEM to SOAR. But again the problem with automation is the same. We need playbooks all the time. We need SOPs all the time. And if there is a gap in that playbook it is not going to work as you want. And fixing that is also a challenge many times.

So now, moving on to the more central part of the topic: AI agents. First, okay, anyone experimenting with AI or AI agents, has deployed one? Okay, not many, but a few. Okay, awesome. So, an AI agent we can think of as lines of code or software which has the ability to basically connect to an LLM, a large language model, from where it can get more information and get more context, and it also has access to the tool set of your infrastructure wherein you grant it the access, and it can take actions on behalf of a human SOC analyst or a human analyst. So that is the whole idea, and it has a short-term and a long-term memory, wherein it becomes easier for the AI agent to learn from its own past mistakes. I mean, you can rate it, you can give it feedback that this was done right, this was done wrong, and it would learn from that reinforcement learning or that feedback, basically. So there are different features, many more than this; I'll just quickly cover one or two. We just don't want to think of any LLM or AI agent as just a storytelling machine or a programming kind of thing. It is more beyond that. It has reasoning and strategizing abilities. If you give it a cyber security related question or a scenario, that this is what is happening, how would you respond to it, it is going to give you a detailed response of what things can be done. So the whole idea here is to convert the instructions to prompts, basically, and then a playbook to a template, because LLMs, or like any GenAI, Gemini or whatever you all must be using, work off of prompts. You give it a prompt and it gives you an answer. So think of it in a way of converting a playbook to a template which is full of prompts that will be fed to the AI agent, and that's how it will take actions.

So this is the whole crux of the thing, or the main slide, about how there can be a group of AI agents, or an army of AI agents, working together to handle some of your security operations center work. So there is an alerting mechanism, and your alert input can be anything. There will be agents. The main thing to note about these agents is everything has to be really specific, because the way human analysts work is there are a lot of different complex tasks that they do together. But in terms of AI agents we have to think of it as: we have to give each one individual specific tasks, and the power unleashes when all of them work together to take the actions. So an alert would come. To handle the alert there is a group of AI agents: the alert fetcher agents, you can call them that. Then, after extracting the important information, you pass it to the investigative and the analysis agents; they perform their analysis and then you pass it to the decision-making and the response agents, and those have the access to the tool set of your environment. For example, the AI agents come across a malicious hash, you want to block it in your environment. That is the work of the decision and the response agent to do that. And at the bottom we have control and coordination agents, basically, because while in the SOC many times you need to raise a different ServiceNow ticket, or any case management tool, IBM tool, whatever you might be using; you need to do that, you need to place a forced block on the proxy for any domains or on any firewalls, those kinds of things. So there has to be constant connectivity; those servers or those mechanisms should also be up and running to enable or facilitate the SOC analyst's role. So who is going to do all those kinds of things? So there will be a set of control and coordination agents that can take care of that, and all these agents will in a way be connected to a large language model which is custom-trained based on the context of your organization.

Now, context is the key, because anyone would be able to build the automation and get things working. But think of it as a human analyst. So what is the speciality of a human analyst? We have the context of our organization. Something that is not normal in your organization might be very normal in my organization. The level of traffic that my organization faces might be different than yours. So humans have that context. So the real game changer here would be the custom-trained LLM models based on the context of your particular infrastructure; that's where the real value would come in. So that's the concept of the semi-autonomous SOC, and it has been deployed in a few companies. There are companies dedicated to creating AI virtual SOC analysts, and it is not a 100% replacement of a human analyst or the entire team, but think of it as a force multiplier of your team, who will not get burnt out, who will never be tired, who will work 24x7 with you, and with high accuracy and very high speed as well, because when you are tired it's very easy for you to put 10.12.13.14 for an IP address wherein it was .04 at the end, just for a lame example out there. So those mistakes can be avoided by this kind of AI SOC agents. And this is just the group of AI agents I was talking about. So these boxes, the smaller boxes inside, I have just categorized them under groups. And if you scanned that QR code earlier, I have a very detailed description of all the AI agents and the specific tasks that they would perform.

And this is just a quick slide on the agency of those AI agents. This is as per Nvidia, but a different company would define it in a different way. So the first, or level zero, is the inference API. It's just like Gemini or ChatGPT: you just query and you get a response. The first one is a deterministic system, which will have a predefined set of rules and it will just do that. The second is a weak autonomous system, wherein it will still have some predefined rules but it will also use its own context and use some of its agency to take actions. Then there is a fully autonomous system, wherein it will decide to give you control back or not; it is going to take care of everything, given the right access. So that's about the level of agency.

This is a very short example I wanted to throw in here. Now, to solve this you don't need AI. Believe me, it can be done without AI. However, I want you all to think of it in a way that if an AI agent will do some of these tasks, how would it look or how would it go? So, like I explained earlier, it will have alert fetcher agents. It will fetch your alert. It will extract the entities. It has to be enriched with some more information which is not already there; it has to be enriched with the context of your environment, and it will pass through the investigation agents. It will collect the evidence. It will run a scan. It now has the power of a custom LLM within it, so that it can get some more context over there, and it can also take actions if you allow it. So that's a short example for that.

And definitely all of these come with a lot of advantages as well as a lot of challenges. So the agents that you would have would be limited by the custom-trained LLM model you have in there. If that LLM is not trained against any similar scenario, it is not going to know how to react if it is exposed to any unfamiliar environment. Just think of it as someone right out of school and working for your SOC. They are not going to know what to do. It has to be trained. Even in organizations we have cyber awareness training for humans who are not so techy, for all sorts of employees. So everyone has to be trained. So think of an AI agent or a group of AI agents in a similar way, that they would have to be trained. So exposing them directly to an unfamiliar environment might not be the best idea. And we all know about how AI can be targeted. Think of prompt injection attacks or different attacks. So your AI agents can also be targets. The second-last point is traceability of AI agents, that I want to emphasize more on. What I mean by traceability is that whatever actions you allow your AI agents to take, they are going to take. But then there should be a detailed log of everything. You should be able to trace back what it did, because it happens a lot sometimes in the SOC that an alert or an event or an incident you worked on two weeks back, something surfaced again and you want to look at it. So you need to go through the notes and you need to see what happened. So that is why traceability is really very important. And obviously the risk of granting access. So the risk would come in not 100% from the agency you give to these AI agents but from the unpredictability of the model's behavior with the access that you gave to it. So that is a risk I wanted to define here. And, yep, that's pretty much it. I see the time-up banner, so I'm open to feedback and ready for any questions, if there are.

So I don't like to think of it as cutting off what you already have and then 100% focusing on this. It has to be a hand-in-hand, parallel kind of approach, and I mean it would definitely be an extension of what you already have. You already have a SIEM or a SOAR or EDRs and detection and response capabilities. So this kind of mechanism can be an extension to that, because an alert still has to trigger from somewhere for your AI SOC agent to take care of it. So, depending on that, I mean the best approach will be to first target the low-hanging fruit: identifying, like, you know your SOC the best, what kind of stats you have, what kind of alerts your analysts spend the most time on, within that what are the subtasks wherein they spend the most time, what are the pain points, and then trying to automate those first and then slowly phasing out the traditional system. So it would completely depend. So I cannot answer with a fixed time for that, like it is going to take you 3 months or 6 months. All right, I see one there.

Oh yeah, sure. So it's not a site. It's just one article, but yeah, it will help with some definitions out there. Questions? Okay, one back there.

Question: So what is the occurrence of either the weak or the fully autonomous systems taking action against false positives or not taking actions against true positives, and do you see any impacts with that?

Definitely there are impacts. So to answer the occurrence part, it's difficult to give any number, but think of it as a weak autonomous system wherein once it takes some actions you will always have a human SOC analyst or your team of analysts to rate it and review it. If it worked correctly, you just rate it as a thumbs up, for example. It is going to go through the feedback loop again, and your AI or your model is going to learn from it that whenever something similar comes, the AI agents handled it perfectly, so it is a thumbs up. If not, something has to be changed or tweaked. So that tweaking would be in the form of the prompts that you provide; that's what I mentioned: think of it as changing the instructions to prompts and playbooks to templates with a set of prompts. So it would definitely depend on that. Thank you.

Yep. All right, I think we are at time. Thank you so much for being patient and listening, and thank you so much to the organizers and volunteers and everyone who put up a great con. I really appreciate it. And for like-minded individuals, if anyone wants to get in touch, feel free to shoot me a LinkedIn request. You can scan it here. Thank you so much.
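As an added example, not code from the talk or the speaker's material: a toy version of the pipeline described above (alert fetcher, enrichment with organisational context, investigation, decision/response) in Python, covering the agency levels, the traceability requirement and the feedback/approval loop from the talk and the Q&A. It assumes a deterministic rule in place of the custom-trained LLM, a constructed alert, a constructed intel set and organisational context, and hypothetical tool names (`lookup_hash`, `block_hash`, `block_domain`, `open_ticket`). It shows the controls a practitioner would want around such agents: each agent gets only the tools on its allow-list, destructive actions are gated on the agency level (deterministic, weak autonomous, fully autonomous), the human approval step is itself logged, and an audit log lets you trace back everything done on a case.

```python
"""Added example: toy semi-autonomous SOC pipeline (fetch -> enrich -> investigate -> decide)
with a per-agent tool allow-list, an agency-level gate and an audit trail for traceability."""
import ipaddress
import re
from dataclasses import dataclass, field
from enum import Enum


class Agency(Enum):  # the agency levels the talk presents (NVIDIA's taxonomy)
    DETERMINISTIC = 1     # predefined rules only, never a judgement action
    WEAK_AUTONOMOUS = 2   # may act, but destructive actions wait for a human
    FULLY_AUTONOMOUS = 3  # executes everything it decides


# Constructed organisational context; stands in for what a custom-trained model would know.
ORG_CONTEXT = {
    "corp_ranges": [ipaddress.ip_network("10.0.0.0/8")],
    "known_bad_hashes": {"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"},
    "allowlisted_domains": {"updates.example.com"},
}
DESTRUCTIVE = {"block_hash", "block_domain"}  # hypothetical tools gated on the agency level


@dataclass
class AuditLog:
    """Append-only record of every agent step; trace(case) answers 'what did it do?'."""
    records: list = field(default_factory=list)
    def write(self, case, agent, action, detail):
        self.records.append({"case": case, "agent": agent, "action": action, "detail": detail})
    def trace(self, case):
        return [r for r in self.records if r["case"] == case]


class ToolBroker:
    """Single choke point for tool access: allow-list per agent, every call logged."""
    ALLOW = {"fetcher": set(), "enricher": set(), "investigator": {"lookup_hash"},
             "responder": {"block_hash", "block_domain", "open_ticket"}}
    def __init__(self, audit):
        self.audit, self.executed = audit, []
    def call(self, case, agent, tool, arg):
        if tool not in self.ALLOW.get(agent, set()):
            self.audit.write(case, agent, "denied", f"{tool}({arg})")
            raise PermissionError(f"{agent} is not allowed to call {tool}")
        self.audit.write(case, agent, "tool", f"{tool}({arg})")
        if tool == "lookup_hash":               # read-only lookup against the constructed intel set
            return arg in ORG_CONTEXT["known_bad_hashes"]
        self.executed.append((tool, arg))       # stand-in for a real EDR / proxy / ticketing API
        return True


def fetch(case, audit, alert_text):
    """Alert-fetcher agent: pull entities (IPs, SHA-256 hashes, domains) out of the raw alert."""
    ents = {"ips": re.findall(r"\b(?:\d{1,3}\.){3}\d{1,3}\b", alert_text),
            "hashes": re.findall(r"\b[0-9a-f]{64}\b", alert_text),
            "domains": re.findall(r"\b[a-z0-9-]+(?:\.[a-z0-9-]+)*\.[a-z]{2,}\b", alert_text)}
    audit.write(case, "fetcher", "extract", ents)
    return ents


def enrich(case, audit, ents):
    """Enrichment agent: add the organisation's own context to each entity."""
    ctx = {"external_ips": [ip for ip in ents["ips"] if not any(
               ipaddress.ip_address(ip) in n for n in ORG_CONTEXT["corp_ranges"])],
           "unknown_domains": [d for d in ents["domains"] if d not in ORG_CONTEXT["allowlisted_domains"]]}
    audit.write(case, "enricher", "context", ctx)
    return ctx


def investigate(case, audit, broker, ents, ctx):
    """Investigation agent. The verdict rule is a deterministic placeholder for the LLM's reasoning."""
    bad = [h for h in ents["hashes"] if broker.call(case, "investigator", "lookup_hash", h)]
    verdict = ("malicious" if bad else
               "suspicious" if ctx["external_ips"] and ctx["unknown_domains"] else "benign")
    audit.write(case, "investigator", "verdict", {"verdict": verdict, "evidence": bad})
    return verdict, bad


def decide(case, audit, broker, agency, verdict, bad):
    """Decision/response agent: propose actions, then gate them on the agency level."""
    proposed = ([("open_ticket", verdict)] if verdict != "benign" else []) + [("block_hash", h) for h in bad]
    executed, pending = [], []
    for tool, arg in proposed:
        if tool in DESTRUCTIVE and agency is Agency.DETERMINISTIC:
            continue                            # rules-only mode never blocks on a verdict
        if tool in DESTRUCTIVE and agency is Agency.WEAK_AUTONOMOUS:
            pending.append((tool, arg))         # park it for a human analyst
            audit.write(case, "responder", "pending_approval", f"{tool}({arg})")
            continue
        broker.call(case, "responder", tool, arg)
        executed.append((tool, arg))
    return executed, pending


def approve(case, audit, broker, pending, analyst):
    """Human-in-the-loop step for weak-autonomous mode; the approval itself is logged."""
    for tool, arg in pending:
        audit.write(case, analyst, "approved", f"{tool}({arg})")
        broker.call(case, "responder", tool, arg)


def run_case(case, audit, broker, alert_text, agency):
    ents = fetch(case, audit, alert_text)
    ctx = enrich(case, audit, ents)
    verdict, bad = investigate(case, audit, broker, ents, ctx)
    executed, pending = decide(case, audit, broker, agency, verdict, bad)
    return {"verdict": verdict, "executed": executed, "pending": pending}


# Constructed sample alert, shaped like something a SIEM would hand over.
SAMPLE_ALERT = ("EDR: process dropper spawned on 10.4.2.17 and contacted files.example.net; "
                "file sha256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855")
```

Run `run_case("c1", audit, broker, SAMPLE_ALERT, Agency.WEAK_AUTONOMOUS)` and the ticket is opened immediately while `block_hash` lands in `pending`; `approve(...)` then executes it and writes the analyst's approval to the same audit log, so `audit.trace("c1")` reconstructs the whole case in order. The allow-list is the least-privilege half of the "risk of granting access" point: the fetcher cannot call `block_hash` at all, and the denied attempt is itself logged.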