Rex Guo
He is currently the Co-founder/CEO of Culminate Inc., a company that builds an AI SOC analyst that investigates every alert like a tier-1 analyst and augments the rest of the SOC.
Previously, he built attack path analysis, polygraph threat detection, and CIEM at Lacework. Before Lacework, he worked at two early-stage security companies. He was the Head of Research at Confluera (an XDR company acquired by XMCyber). Before that, he was an Engineering Manager at Tetration (a CWPP company acquired by Cisco). Over his career building detection and response tools, he has investigated dozens of security incidents involving sophisticated attacks in data center and cloud environments.
He has authored 40+ patents and publications. He has presented multiple times at Black Hat, DEFCON and other conferences. He is also a MITRE ATT&CK contributor and has disclosed vulnerabilities in critical software. He holds a PhD from New York University.
Session
No doubt everybody is curious whether you can use large language models (LLMs) for security operations such as CloudTrail analysis.
In this talk, we will demonstrate how you can and can't use LLMs like GPT-4 to analyze CloudTrail logs, and discuss in detail the promise and limitations of using LLMs this way.
We will go deep on how LLMs work and share state-of-the-art techniques for using them in the context of CloudTrail analysis.