Copilot Studio is a Microsoft AI agent for the enterprise. An ordinary non-techie user can make a chatbot search front-end for your company data. It’s a chatbot agent, so it’s full of h…
I wrote yesterday about red-team cybersecurity and how the attack testing teams don’t see a lot of use for AI in their jobs. But maybe the security guys should be getting into AI. Because all these agents are a hilariously vulnerable attack surface that will reap rich rewards for a long while to come.
Hey, look on the bright side, David - the user is no longer the weakest part of a cybersecurity system, so they won’t face as many social engineering attempts on them.
Seriously, though, I fully expect someone’s gonna pull off a major breach through a chatbot sooner or later. We’re probably overdue for an ILOVEYOU-level disaster.
But maybe the security guys should be getting into AI.
Sadly in my exp the security people are getting more and more into using LLMs for various stuff. Could also just be because that is where all the money is now.
Some days it feels like developers are headed for a Morlock/Eloi split, except the Eloi are sickly and unappetizing due to a steady diet of glue pizza and mushroom surprise
Yeah, I was very disappointed in the risky business guys who while initially skeptic at LLMs and very mad that after the christchurch neo-nazi shooting cloudflare protected them. Went to “well Trump’16 wasn’t that bad on cybersecurity, and project 2025 is also pretty good, even if a bit odd in tone, we will have to stay positive and wait and see Haha!” and being a bit more into AI hype. (the latter pays a lot of their bills of course).
And look at this AI critic/sysadmin who also is for sale (yes, this bit is joking from my end).
Hey, look on the bright side, David - the user is no longer the weakest part of a cybersecurity system, so they won’t face as many social engineering attempts on them.
Seriously, though, I fully expect someone’s gonna pull off a major breach through a chatbot sooner or later. We’re probably overdue for an ILOVEYOU-level disaster.
Sadly in my exp the security people are getting more and more into using LLMs for various stuff. Could also just be because that is where all the money is now.
Some days it feels like developers are headed for a Morlock/Eloi split, except the Eloi are sickly and unappetizing due to a steady diet of glue pizza and mushroom surprise
Yeah, I was very disappointed in the risky business guys who while initially skeptic at LLMs and very mad that after the christchurch neo-nazi shooting cloudflare protected them. Went to “well Trump’16 wasn’t that bad on cybersecurity, and project 2025 is also pretty good, even if a bit odd in tone, we will have to stay positive and wait and see Haha!” and being a bit more into AI hype. (the latter pays a lot of their bills of course).
And look at this AI critic/sysadmin who also is for sale (yes, this bit is joking from my end).
aw man I’m glad you brought that up. I generally like their show, but gestures broadly at all of that. I also wonder how much of it is money-driven.
iirc it was in one of the episodes just after Trump had won and I was just listening and going ‘euh, think yall are a bit too joking about this’.