Senior Data Scientist, Security, Elastic
Using LLMs and ESRE to find similar user sessions
In our previous article, we explored using the GPT-4 Large Language Model (LLM) to condense Linux user sessions. As part of the same experiment, we dedicated some time to examining sessions that shared similarities. These similar sessions can subsequently help analysts identify related suspicious activities.
Using LLMs to summarize user sessions
In this publication, we will talk about lessons learned and key takeaways from our experiments using GPT-4 to summarize user sessions.
Identifying beaconing malware using Elastic
In this blog, we walk users through identifying beaconing malware in their environment using our beaconing identification framework.
Getting the Most Out of Transformers in Elastic
In this blog, we will briefly talk about how we fine-tuned a transformer model meant for a masked language modeling (MLM) task to make it suitable for a classification task.