当前位置:首页 > 报告详情

主题演讲 _ 增强现实时代:颠覆还是被颠覆.pdf

上传人: 可*** 编号:991766 2025-12-07 17页 24.71MB

1、Pedram Amini,Founder/Hacker/Investor/AdvisorTHE AUGMENTED ERADisrupt or be Disrupted Red/Blue emerged in the 1960s We adopted Red/Blue in 1990s,Purple in 2010 Its and not versus,optimal to cross-train I agree with ye old adages on the matter,the defenders dilemma or attackers advantage Hack and Defe

2、ndGenAI is the Elephant in the Room Biggest technological revolution of our lifetime Weve built technology that has emergent behaviors Heavy pressure towards rapid adoption Security as an afterthought.again 48%of CISOs rank AI security as#1 concern Benefits,problems,threats,solutions20052015202550k

3、View:Exploits and Mitigations Human era.Single researcher could find multiple 0days.Asymmetry favored attackers.Widespread OS and compiler mitigations,bug bounties,budgets.Now it takes a sophisticated team.AI Disruption is here,see actor adoption and significant innovations.Exploitation is Sophistic

4、ated yet Commonplace Nation states and commercial surveillance vendors are the biggest source of ITW 0day Mitigations are strong but stakes are high Mobile bounties leap from$7M to$20M The market is driving innovation 60%of 0day in 2024 targeted defensive security fabricSOTA in Exploitation Automati

5、on XBOW reached#1 on HackerOne in June.Model upgrade to GPT-5 doubled performance.Darpas AIxCC challenge demonstrated a 100 x cost reduction in exploitation at scale.and found a real-world SQLite3 bug.HexStrike orchestration framework has 250+specialized agents.Actors leveraged it to exploit Citrix

6、CVE within hours vs days.50k View:Enterprise Security SIEM era.Detection reliance on signatures.Asymmetry favored attackers.EDR increases observability with a human in the loop.SIEMless era.Cloud scale data lakes and bespoke ML.AI Disruption?Continuous pen testing?AI SOC?Attack Surface?20052015202?2

word格式文档无特别注明外均可编辑修改,预览文件经过压缩,下载原文更清晰!
三个皮匠报告文库所有资源均是客户上传分享,仅供网友学习交流,未经上传用户书面授权,请勿作商用。
根据报告的内容,全文主要内容概括如下: - **AI安全挑战**:AI技术快速发展,但安全常被忽视,48%的CISO将AI安全列为首要关切。 - **AI攻击与防御**:AI攻击日益复杂,但防御措施也在加强,如移动赏金从700万美元跃升至2000万美元。 - **AI在安全领域的应用**:AI在恶意软件开发、虚假身份、侦察和基础设施方面被用于攻击。 - **AI辅助技术**:AI辅助技术如ChatGPT-5在自动化攻击中表现突出,但可能导致疲劳和误报。 - **AI的机遇与风险**:AI带来巨大投资和创新,但也存在被滥用的风险,如AI模型被毒化。 - **AI的未来**:AI应被拥抱,并嵌入到个人和企业工具中,以增强防御能力。
挑战与机遇" "AI时代,黑客如何应对?" "AI赋能,企业安全升级!"
客服
商务合作
小程序
服务号
折叠