The latest results are released! Revealing the implementation effect and 2.0 upgrade capabilities of Sangfor Secure GPT

On September 22, Sangfor demonstrated its secure GPT implementation results and 2.0 upgrade capabilities. Authoritative guest representatives from various industries: Chief Information Security Officer (CISO) of Midea Group and President of the Academy of Software Engineering, Academician of the European Academy of Sciences (MAE), IEEE Fellow, IET Fellow, ACM Distinguished Scientist, AAIA Fellow Liu Xiangyang, BAIC Zhang Zhiqiang, senior manager of the Group Information Security Department of Foton Motor Co., Ltd. and senior manager of the Network Security Department of Ouhui New Energy, Wang Junmin, research director of IDC Consulting Co., Ltd., and Li Shaopeng, founder of Shushi Consulting, discussed the implementation of the large security model from multiple perspectives. Application effect and trend analysis.

## Liang Jingbo, general manager of Sangfor Technology R&D, and Sangfor security attack and defense experts demonstrated the highlight capabilities of the secure GPT 2.0 upgrade, among which " "Intelligent Driving" can help users operate safely and autonomously, achieve 30-second assessment and containment of threats, and reduce the average closed-loop time of a single incident by 96.6%.

Secure GPT 2.0 upgrade

Start the journey of safe operation "intelligent driving"

Committed to using intelligent means to improve the effectiveness and efficiency of threat confrontation and empowering organizations to fight against powerful enemies, the newly upgraded Sangfor Security GPT has achieved the evolution from "1.0 assisted driving" to "2.0 intelligent driving". Behind this, what remains unchanged is the effectiveness of security GPT in detecting and judging threats such as 0day vulnerabilities and APT covert intrusions. What has changed is from " Minute-level closed loop, ten-fold efficiency improvement, million-level cost reduction", to "second-level closed loop, hundred-fold efficiency improvement, "Ten million-level cost reduction " and a jump in efficiency and capabilities.

• Assisted driving: natural language conversational operation, carrying more than 80% of the analysis and troubleshooting work

##Based on

Security GPT 1.0’s Advanced threat detection, security event interpretation, hot vulnerability troubleshooting capabilities, Security GPT 2.0Intelligence The driving capabilities have been further advanced and can currently handle more than 80% of alarm analysis, incident investigation, asset investigation and other tasks.

Upgrade1: Support the analysis, judgment and command line interpretation of terminal security alarms

Secure GPT combines network-side data aggregation analysis to provide interpretation capabilities and supports the interpretation of terminal command lines, threat intelligence, and malicious files.

has 5 years of professional analyst level interpretation effects.

Upgrade2: Simply click on the prompt question to complete the closed loop of alarm research and judgment

Security GPT has the ability to analyze and interpret, which can determine whether the attack is successful and avoid false positives. By providing multiple recommended questions, Safety GPT guides users to click on prompt questions continuously, thereby completing a complete closed-loop alarm research and judgment work

• Intelligent Driving: Safe Operation and Autonomous Duty , 30 seconds to identify and contain threats

Security GPT has upgraded its "intelligent driving" capabilities, like a virtual security expert, responsible for Monitor users’ daily security operations. By understanding security events through the thought chain, Security GPT can independently evaluate, process and summarize all alerts and events, thereby achieving complete processing of most alerts. In this process, human experts do not need to engage in complex conversations with GPT and only need to review or review as needed. Secure GPT leverages the evaluation and processing speed of large models to truly evaluate and contain threats within 30 seconds, reducing the average incident processing time by 96.6%

Upgrade1: Independently evaluate the alarm and automatically handle it

When a security alarm occurs, Security GPT parses the data packet and queries the intelligence. It can independently conduct research and judgment, characterize the incident, and automatically implement measures of isolation and impact investigation to achieve one-click eradication and

security, and generate an incident report. During the entire process, security operations personnel only need to review key links and view incident reports, without any further operations.

Upgrade2: Multi-modal interaction, thinking chain ensures that the research and judgment settings can be explained##Security GPT supports multi-modal interaction such as text and charts to realize event interpretation, and innovatively generates security research and disposition thinking chains, clearly conveying the analysis, research, and thinking process of alarms and events. Security operators do not need to open multiple interfaces to query information

The overall situation is clear at a glance.

Upgrade

3:Natural language dialogue,The analysis process can explain

Security GPT not only provides the research and judgment logic of the thinking chain, but also provides security personnel with in-depth answers to any alarms and events through natural language question and answer dialogue, assisting further research and judgment

Security GPT technology empowerment goal:

Revolutionally improve the effect and effectiveness of security construction Efficiency

With the goal of “revolutionarily improving the effectiveness and efficiency of security construction”, we are convinced of the security GPT The application of technology can be divided into two types:

1. Detection large model: As a new generation detection engine, it can detect more accurately and faster Potential intrusion activities, such as 0day vulnerabilities, APT hidden threat intrusions, etc. In this year's national-level offensive and defensive drills, Sangfor security equipment detected 150multiple 0day exploit attacks. The detection rate of detection equipment empowered by secure GPT technology has reached 90%.
Large operation model: As an intelligent assistant for security operations, it realizes automated on-duty, breaks through the bottleneck of user personnel capabilities and energy, and improves the efficiency and effectiveness of security operations.

In addition, Secure GPT has now fully empowered the security hosting service MSS. The combination of service experts and "digital assistants" has become the best partner, realizing human-machine intelligence and improving quality. Increase efficiency.

Currently, Secure GPT supports SaaS and localized deployment methods to meet the different needs of users.

Sangfor has always adhered to the new security architecture paradigm of

"Open platform leading component cloud service" , using The open security platform aggregates capabilities, simplifies deployment, and weaves security islands into archipelagos. Utilize various technologically advanced components to achieve the best security protection effects in various scenarios, and fully interconnect and collaborate with the platform and other components. Use cloud services to continue to rapidly develop security capabilities and ensure security effects.

Artificial intelligence is a revolutionary technology that changes the security attack and defense landscape. AI capabilities should be applied faster and deeper in the hands of security operators, outperforming AI in the hands of attackers. the speed of evolution. Sangfor believes that AI capabilities should be comprehensively deployed in platforms and components, and applied to services, whether it is securityGPT large model or AI For relatively traditional applications, the possibility of being used should be fully considered.

In the future, the capabilities of security GPT will continue to be upgraded and evolved, committed to revolutionary improvements in the effectiveness and efficiency of security construction, and helping every user achieve "one step ahead in security"

The above is the detailed content of The latest results are released! Revealing the implementation effect and 2.0 upgrade capabilities of Sangfor Secure GPT. For more information, please follow other related articles on the PHP Chinese website!