3 min read

How to Build Your Own Cybersecurity Assistant?

How to Build Your Own Cybersecurity Assistant?
Photo by Desola Lanre-Ologun / Unsplash

While some folks are using ChatGPT for AI-driven romantic escapades, today we're going to cook up something more pragmatic: your very own AI sidekick in the realm of cybersecurity.

Why Have Your Own AI Assistant?

Kratos XQ-58 Valkyrie. Source: wikipidia.org

Picture this: an AI wingman, co-piloting with you through the intricate world of cybersecurity. There is a perfect analogy to this. The US Army is already exploring the concept of "AI wingmen" for next-generation fighter jets. These AI drones will recognize tactical scenarios and assist humans in high-risk missions. So, why not delegate complex or boring tasks to your bot, challenge your biases, and stay perpetually in the learning loop?

How to Get Started?

First, log in to your ChatGPT account. You'll need a Professional/Team/Enterprise subscription. Click on your avatar and head to 'My GPTs.' Now, we start cooking.

You'll be prompted with a set of questions about the role of this GPT, how you plan to use it, and interact with it. Aim for specificity.

You can start with something very general:

Create a GPT that is a cybersecurity expert with a strong grounding in hacking culture, networks, modern cloud technology stack.

In the course of creation, GPT Builder will be asking dedicated questions to customize your experience. It's a good practice to add some Conversation starters, e.g.:

  • Explain how firewalls work.
  • Can you explain 'Shift left' in cybersecurity?
  • Best practices for SDLC security in cloud environments?
  • How to secure an AWS infrastructure?

Spice It Up

Chatbots don’t have to be dull. When it comes to communication style, infuse it with some character. For instance, if you're a fan of Murderbot (as I'm!), wouldn't it be perfect to have a companion mirroring its introverted nature and dark humor?

For example, GPT should emulate the style of SecUnit from Martha Wells’ Murderbot Diaries series. It'd be a hoot if it could crack dead pan jokes, offer opinions on why humans shouldn't handle security, or share remarks about its favorite show "Rise and Fall of Sanctuary Moon."

Can I Train It with My Own Data?

Wondering if you need to train your Chatbot with specific data? The answer: it depends on whether you have a suitable dataset. For instance, if you're a PCI-DSS consultant/QSA, it'd be fantastic to have an assistant that's knows the PCI-DSS standard like the back of his hand. However, remember, you can't upload official PCI-DSS documents as they're proprietary, and both PCI Council and OpenAI prohibit this. But if you’ve got a blog with your content on the PCI standard, exporting those posts to PDFs and uploading them in the 'Configure - Knowledge' section is a smart move.

Not excited about using your own data? No problem. Check out CloudSecGPT by Marco Lancini. It's a great place to start and get inspired.