Overcoming Barriers in Security DSLs with BabbelPhish - Empowering Detection Engineers

Explore an innovative approach to bridging the gap between natural language queries and security domain-specific languages (DSLs) in this conference talk from BSidesLV. Discover BabbelPhish, a tool that leverages large language models to empower detection engineers in threat detection, analysis, and mitigation. Learn how this technology can be applied to MQL, Sublime Security's free DSL for email security, and its potential for other DSLs. Gain insights into BabbelPhish's architecture, training process, and optimization techniques for improving translation accuracy and query validity. Through live demonstrations and user interviews, see real-world applications and implementation options, including a VSCode plugin. Understand how large language models can integrate natural language capabilities with the precision of security DSLs, making detection-as-code platforms more accessible to a wider range of security professionals and streamlining security management and threat hunting processes.

GT - Overcoming Barriers in Security DSLs with BabbelPhish