《人工智能时代的漏洞链.pdf》由会员分享,可在线阅读,更多相关《人工智能时代的漏洞链.pdf(5页珍藏版)》请在三个皮匠报告上搜索。
1、Vulnerability Chaining1.Combination of low and medium vulnerabilities2.Not all vulnerabilities created equal!3.Not every vulnerability has a CVE ID4.Identity and Access Management5.Network Security6.Cloud Account ManagementIntroduce AI into Vulnerability Chaining Combination of Systems Mapping and C
2、onnectivity Exposure ManagementInfrastructure Overly permissioned accounts SSO and password management Cloud configurationIdentity and Access Management Deep Fakes False Personnel Social EngineeringHuman FactorsActionable Next Steps Identification where does AI touch systems?Access Management where do accounts have access?Connectivity of systems where can we add network segmentation?Human Factors how do our users use AI tooling and in-house AI systems?Technical debt where may AI touch/access old vulnerabilitiesReach out to me on LinkedIn!