YoVDO

The Curious Case of the Rogue SOAR - Vulnerabilities and Exploits in Security Automation

Offered By: nullcon via YouTube

Tags

Cybersecurity Courses Network Security Courses Threat Intelligence Courses Vulnerability Assessment Courses Security Operations Centers Courses Security Automation Courses SOAR Courses Prompt Injection Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore a thought-provoking conference talk that delves into the vulnerabilities of Security Orchestration, Automation, and Response (SOAR) tools and their potential exploitation. Learn about the critical implications of targeting the very systems designed to protect networks, and how such attacks can lead to complete network compromise. Discover insights into the far-reaching consequences of SOAR tool vulnerabilities, including the risks to internal devices and services in large corporate networks. Gain understanding of future attack vectors, such as log poisoning on Security Operations Centers (SOCs) and SOAR tools utilizing Large Language Models (LLMs) like ChatGPT, potentially leading to prompt injections. Examine the various acts of this presentation, from the introduction of SOAR concepts to the emergence of LLMs in cybersecurity, and grasp the importance of securing the tools meant to defend our digital infrastructure.

Syllabus

Speaker and Talk Introduction
Act 0: It Starts With A Pivot
Act 1: But what is a SOAR?
Act 2: A thought experiment
Act 3: Then there was a vulnerability
Act 4: Insights
Act 5: LLMS have entered the chat
Conclusion


Taught by

nullcon

Related Courses

AI CTF Solutions - DEFCon31 Hackathon and Kaggle Competition
Rob Mulla via YouTube
Indirect Prompt Injections in the Wild - Real World Exploits and Mitigations
Ekoparty Security Conference via YouTube
Hacking Neural Networks - Introduction and Current Techniques
media.ccc.de via YouTube
Mastering Large Language Model Evaluations - Techniques for Ensuring Generative AI Reliability
Data Science Dojo via YouTube
Indirect Prompt Injection Into LLMs Using Images and Sounds
Black Hat via YouTube