- Project Overwatch
- Posts
- #045 - Cyber AI Chronicle - Part 2: Practical AI Vulnerability Management
#045 - Cyber AI Chronicle - Part 2: Practical AI Vulnerability Management
PRESENTED BY
Cyber AI Chronicle
By Simon Ganiere · 24th November 2024
Welcome back!
Project Overwatch is a cutting-edge newsletter at the intersection of cybersecurity, AI, technology, and resilience, designed to navigate the complexities of our rapidly evolving digital landscape. It delivers insightful analysis and actionable intelligence, empowering you to stay ahead in a world where staying informed is not just an option, but a necessity.
Table of Contents
What I learned this week
TL;DR
Staying ahead of vulnerabilities, especially zero-days, is a race against time—one most organizations struggle to win. This week, I dive into how AI can transform vulnerability management, helping you identify and prioritize threats faster than ever. Discover a practical, agentic workflow that automates tracking and contextualizing vulnerabilities from the CISA KEV list, complete with actionable insights to reduce response times.» READ MORE
The geopolitics of AI are still running at full speed. In its latest report, the U.S.-China Economic and Security Review Commission (USCC) has raised concerns about China's advancements in Artificial General Intelligence (AGI). This includes a recommendation for a National AGI initiative, akin to the Manhattan Project, to accelerate US development of AGI technologies. The US has already implemented export restrictions of high-end AI chips to China over the past two years. Chinese companies seem to be bypassing those restrictions using cloud providers. The nomination of Howard Lutnick, a known China hawk, as the Commerce Secretary by president-elect Donald Trump is most probably going to spice up the situation.
Microsoft has announced a slew of AI products during Microsoft Ignite 2024, include a voice cloner, an AI dev platform called Azure AI Foundry, Copilot Actions, etc. You can find a summary from Microsoft here. Gemini now has memory as well (but you need to be a paid subscriber). Perplexity launches a feature that offers e-commerce recommendations, as well as the ability to place an order without navigating to a retailer’s website.
Meanwhile the cyber security world is true to itself…and surprise surprise we have a new round of zero days targeting edge devices with this week Palo Alto Networks as the start of the show. Rest assured Fortinet was not far behind with the exploitation of an unresolved security flaw in Fortinet’s FortiClient for Windows.