AI Use Cases & Risks
Session
Wednesday, December 04, 2024 11:15—12:15
Location: Solar
Wednesday, December 04, 2024 11:15—12:15
Location: Solar
Outline:
Intro
- Who we are
- Benefits of adding AI to your workflow as an attacker
Why
- Is everyone using this, and not talking about it????
- People using AI for interviews (and failing)
Why not?
- AI is great for base level explanations (like answering interview questions)
- AI is trained or fine tuned with built in ethics
- Demo
- Good for coding but not off sec. Unless..
How
- Ethics bypasses
- Social engineering your AI assistant
- Wheel of morality
- Rephrasing and lying
- "Give and get" tactics
- System prompts
- Bypass Copilot ethics using.. Copilot
- Demo/screenshots
- Train or fine tune your own model
- Use an uncensored LLM
- AI prompts and system context
- Don't download a reverse shell
- Demo/screenshots
We'll explore the current landscape of AI in offensive security, acknowledging its benefits while also addressing why its adoption isn't more widespread. The discussion will include a candid examination of AI's capabilities for foundational tasks, tempered with a realistic view of its limitations, and the unique advantages that local AI systems can bring to the table.
Through demonstrations, we'll illustrate how AI, particularly local models, can be adapted to support offensive security operations, offering insights into ethics bypass techniques. Additionally, we'll touch on the customization of AI models and the cautious use of uncensored LLMs, providing an assessment of when and how these tools could be employed.
We'll cut through the noise to focus on practical, responsible applications. This session will empower people to critically assess AI's place in the red teamer's toolkit, encourage the exploration of local AI, and leverage its strengths without overestimating its capabilities.
The integration of Artificial Intelligence (AI) into document management systems (DMS) marks a significant evolution in how organizations handle vast amounts of unstructured data embedded within documents such as contracts, reports, and invoices.
This session explores the advancements in AI-powered data extraction, focusing on the use of Large Language Models (LLMs) to automate and enhance the accuracy of information retrieval from PDFs and other document formats. By leveraging natural language processing (NLP), AI systems can comprehend context, identify relevant data points, and compare multiple documents simultaneously, drastically reducing manual labor and improving efficiency. The benefits of AI-driven data extraction extend across various industries—legal, financial, healthcare, and research—offering increased operational efficiency, enhanced accuracy, cost savings, and better decision-making capabilities. However, the adoption of AI in DMS also presents challenges such as data privacy concerns, the need for domain-specific training, and integration complexities. As AI technology continues to evolve, it promises to further revolutionise document management, enabling organisations to unlock the full potential of their data and maintain a competitive edge in a data-centric world.
Subtitle: Anticipating risks and controls for the next stages of the AI revolution