π Security Tool Cheatsheet
Alex Morgan — Senior Penetration Tester
Why AI Changes the Game for Incident Response
Incident response is time-sensitive and requires rapid decision-making. Leveraging AI tools like ChatGPT or Claude can streamline the analysis, automate communications, and present potential solutions or remediation steps. AI can assist in processing large volumes of data and generating actionable insights effectively, allowing professionals to focus on critical tasks.
Before You Start: How to Set Context Properly
Setting context is crucial for AI to deliver a relevant and accurate output. Here are some steps to ensure the context is properly set:
- Define the role: Specify that the AI should act as a cybersecurity incident response expert.
- Provide background: Include details like the type of incident, the systems affected, and any existing data.
- Ask specific questions: The more precise your inquiries, the better the responses youβll receive.
Core Prompts Cheatsheet
Incident Type: Phishing Attack
Details: A user reported an email with a suspicious link.
This prompt asks the AI to structure a response that includes investigation steps, highlights potential areas to check, and offers remediation advice.
Incident: [Insert Ransomware Name]
This prompt guides the AI to generate specific IoCs relevant to the incident, which can aid in detection and prevention.
[Insert Log Entries]
This prompt encourages the AI to parse through complex data and highlight critical anomalies.
[Insert Scenario]
This prompt checks the AI’s ability to critically assess your existing frameworks to identify areas for improvement.
Include essential elements required by law.
This prompt focuses on generating tailored stakeholder communication, ensuring that it adheres to legal and regulatory standards.
– Root cause
– Response effectiveness
– Suggested improvements
This prompt specifies a structured way to reflect on past incidents and communicate findings for future readiness.
Weak vs Strong Prompt Examples
[Insert Incident Details]
Advanced Prompt Techniques
To maximize AI efficiency, consider the following advanced techniques:
- Role prompting: Clearly define the role you want the AI to adopt.
- Chain-of-thought: Encourage the AI to reason step-by-step.
- Few-shot examples: Provide a few examples to demonstrate the task to the AI.
- Output formatting: Specify how youβd like the output structured, e.g., bullet points, tables, etc.
Claude vs ChatGPT: Which Works Better For This
Generally, Claude excels in tasks requiring understanding of context and nuance, making it ideal for complex inquiries. On the other hand, ChatGPT, especially newer versions, can be better at generating succinct lists or straightforward answers. Consider utilizing both tools for complementary capabilities. Fine-tune your prompts for the specific AI capabilities and learning styles.
Tips for Getting Consistent Results
- Contextual relevance: Always include relevant background and specifics to your prompts.
- Iterate: Don’t hesitate to rephrase or adjust your prompts based on previous outputs.
- Feedback Loop: Use AI-generated responses as a foundation for further inquiries.
Quick Reference: All Prompts in One Place
- You are an incident response specialist …
- List the indicators of compromise (IoCs) …
- You are a digital forensics expert …
- Evaluate the strengths and weaknesses …
- Draft a communication template …
- Create a summary of lessons learned …