Category

Machine learning

Learn more about how Elastic Security Labs has been focused on accelerating our detection engineering workflows by tapping into more generative AI capabilities.


Using LLMs and ESRE to find similar user sessions

In our previous article, we explored using the GPT-4 Large Language Model (LLM) to condense Linux user sessions. As part of the same experiment, we also spent time examining sessions that resembled one another. Surfacing similar sessions can later help analysts identify related suspicious activity.

Using LLMs to summarize user sessions

In this publication, we cover the lessons learned and key takeaways from our experiments using GPT-4 to summarize user sessions.

Detect domain generation algorithm (DGA) activity with new Kibana integration

We have added a DGA detection package to the Integrations app in Kibana. With a single click, you can install and start using the DGA model and its associated assets, including ingest pipeline configurations, anomaly detection jobs, and detection rules.

Exploring the Future of Security with ChatGPT

Recently, OpenAI announced APIs that let engineers integrate the ChatGPT and Whisper models into their own apps and products. Until then, engineers could call the REST API for older models or use the ChatGPT interface on OpenAI's website.

Automating the Security Protections rapid response to malware

See how we've been improving the processes that allow us to update protections quickly in response to new information and propagate those protections to our users, with the help of machine learning models.

Detecting Living-off-the-land attacks with new Elastic Integration

We added a Living off the Land (LotL) detection package to the Integrations app in Kibana. With a single click, you can install and start using the ProblemChild model and its associated assets, including anomaly detection configurations and detection rules.

Identifying beaconing malware using Elastic

In this blog, we walk users through identifying beaconing malware in their environment using our beaconing identification framework.