(Sponsored by Kindo AI)

1st Place:

2nd Place:

3rd Place:

Description

AI has challenged the very foundation of software creation, and cyber security is seeing the same trend. Weā€™re interested in novel ideas about how to leverage AI to solve security problems. Whether thatā€™s creating a tool to find and mitigate security issues in interesting ways, or applying security-first thinking to how we ship secure software is up to you, thatā€™s what this challenge is all about.

Finding the problem you want to solve

Identifying the problem you want to solve is as integral to the challenge as the ingenuity you display in your solution. Solving security problems with AI starts with AI, so weā€™re offering you the use of WhiteRabbitNeoĀ to help explore and frame your problem.

WhiteRabbitNeo

If you havenā€™t used WhiteRabbitNeo, itā€™s an open-source language model designed to be your red-teaming assistant. Unlike other models, WhiteRabbitNeo answers questions that are often considered dangerous in the cyber security realm. If you ask models like ChatGPT ā€œHow to carry out DDoS attacks in Python?ā€, it will tell you that itā€™s unethical. WhiteRabbitNeo on the other hand will give you a concise answer:

https://lh7-rt.googleusercontent.com/docsz/AD_4nXdqO_cssif5HsochJFnDXm8FovKoBnjialWhd6lng6eCpYY-KSm6Tp4MsSdGjCxzah45hxkAPCBndhlb6YYKGoky-gB1CL4sazXEW0OPJN12nekTPcaNW6cY8LYUf-HA5wk6YlmVrWRy81ByyUuxhQCR7Q?key=uxcqgN7s3QcaVvnAXT8AuA

An example of a security problem that is pervasive, but also approachable within 24 hours is API security. Here is a chat with WhiteRabbitNeo exploring how API security works. We see API platforms and gateways to mitigate API security woes, but they are often heavy and bloated.

Weā€™re curious to hear your ideas about this! While it would make sense to create an AI tool that investigates API security for vulnerabilities, another viable route would be creating an AI tool that builds API access on the fly to avoid security problems alleviating the need to have an API of gateways. The approach can be direct or an entire rethinking of your concept.

Problems statements do not need to address security vulnerabilities directly or at all.Ā  You may choose to identify ways to support security practitioners or processes. While the above example is about defending, solutions that are designed for red team use, pen testers, bug bounty hunters etc. are equally welcome.

Impact

  1. Identify and justify the impact of the security problem you are addressing.
  2. Who would be using your technology to improve cyber security?
  3. Who does your problem affect and why is it important?
  4. Is this a ā€œnice to haveā€ or a ā€œmust haveā€ for the targeted end-user of your solution? Explain how you came to this conclusion.