In this blog

Generative AI technologies are transforming at an accelerated pace, significantly impacting various industries including cloud-native environments and Cloud-Native Application Protection Platforms (CNAPP). These advancements are set to boost the efficiency, capability and overall performance of these platforms.

Generative AI facilitates a multitude of enhancements such as sophisticated data creation, security assessments, content customization, streamlined automation, evolving architecture designs, predictive analysis and perpetual enhancements. These improvements are crucial for fostering innovation, operational efficiency and customer satisfaction within the cloud-native landscape.

A notable application of this technology is Cisco's cloud application security solution, Panoptica, which has recently incorporated generative AI features into its Attack Path Remediations.

Issues with traditional remediation approaches

Historically, remediation methods involved static textual solutions displayed on a page for each identified threat, which presented significant challenges:

  • Development challenges: Managing and updating hundreds of static remediations manually for each new threat proves to be cumbersome with little to no understanding of real threat potential.
  • User experience issues: The remediations were often vague and lacked detailed instructions for addressing security concerns, placing undue burden on users to figure out the solutions on their own.

Innovative remediation with attack path analysis and generative AI

To address these issues, Panoptica has integrated its platform's graph engine with OpenAI's ChatGPT-4. This integration allows the AI to analyze the attack path's structural and security data — such as network exposure and vulnerabilities — and generate detailed, contextual remediations, often presenting solutions with exact command sets to run for remediation.

Detailed Remediation Structures

The AI system categorizes remediation instructions based on the type of security threat:

  • Network threats: Recommendations for adjusting ACLs and gateways.
  • Workload threats: Strategies for mitigating configuration risks and vulnerabilities.
  • Identity threats: Guidelines for managing permissions and policies.

Each category includes tailored remediation suggestions such as:

  • Web-based guidelines: Easily accessible through the cloud provider's web console.
  • CLI commands: Command-line instructions specific to the cloud provider.
  • SDK code snippets: Custom scripts using the cloud provider's official SDK.
  • Terraform configurations: Infrastructure-as-code templates for automated setups.

These remediations are designed to be comprehensive and user-friendly, providing clear, step-by-step instructions tailored to user preferences and operational standards.

Protecting data privacy

In line with privacy standards, no sensitive client identifiers are exposed to the AI. All potentially identifiable information is anonymized before AI processing and restored securely post-analysis to maintain confidentiality and integrity in user interactions.

Enhancing cloud security and user experience

As generative AI continues to evolve, Panoptica is dedicated to refining AI-generated remediations to improve the identification and resolution of critical security issues automatically.

To learn more about Cisco's initiatives in generative AI, click here

To discover how Panoptica can enhance your cloud security reach out for a live demonstration.