๐ Security Tool Cheatsheet
Alex Morgan — Senior Penetration Tester
Why AI Changes the Game for Cybersecurity Analysts
AI tools have revolutionized how cybersecurity analysts can enhance their workflows, streamline incident response, and generate reports with greater efficiency. By harnessing the capabilities of tools like ChatGPT, Claude, and Copilot, analysts can leverage AI for tasks such as threat intelligence analysis, incident report generation, and vulnerability management.
Before You Start: How to Set Context Properly
Setting the right context is crucial for getting optimal responses from AI. Here are some strategies:
- Define the Role: Specify the role you want the AI to adopt, such as a cybersecurity expert or an incident response analyst.
- Provide Background Information: Give a brief overview of the scenario or issue at hand to guide the AI.
- Set Parameters: Specify the type of output you expect, such as a list, report, or a set of recommendations.
Core Prompts Cheatsheet
What it does: Gathers up-to-date information on threats.
When to use it: When preparing reports or threat assessments.
Customizing: You can specify industries or geographical locations.
What it does: Produces a structured incident response plan.
When to use it: During tabletop exercises or real incidents.
Customizing: Adjust the details based on your organizationโs protocols.
What it does: Provides a briefing on a specific vulnerability.
When to use it: When assessing the impact of certain CVEs on your environment.
Customizing: Insert the relevant CVE code to get more tailored info.
What it does: Constructs a training program to educate staff on security practices.
When to use it: To develop or refresh training materials for your organization.
Customizing: Specify topics like password management or social engineering.
What it does: Generates a compliance checklist to adhere to GDPR regulations.
When to use it: When your organization is preparing for audits or compliance checks.
Customizing: Add additional regulations or frameworks as needed.
What it does: Assists in interpreting logs to find irregularities.
When to use it: When conducting forensics or post-incident analysis.
Customizing: Provide sample logs for more targeted analysis.
Weak vs Strong Prompt Examples
Advanced Prompt Techniques
Proficient prompt engineering can enhance the quality of responses significantly:
- Role Prompting: Specify a role for the AI to take on, which sets context. For example, “Act as a cybersecurity analyst focusing on enterprise-level threats.”
- Chain-of-Thought: Ask the AI to think step-by-step to encourage detailed analysis.
- Few-shot Examples: Provide examples of desired outputs to illustrate the format or style you want.
- Output Formatting: Request outputs in specific formats (list, bullet points, tables) for easier consumption.
Claude vs ChatGPT: Which Works Better For This
While ChatGPT (especially GPT-4) is known for its conversational style and general language capabilities, Claude excels in structured and concise outputs. Depending on your task:
- ChatGPT: Best for narrative generation, brainstorming, and when a conversational tone is beneficial.
- Claude: Ideal for structured data analysis, checklists, or technical documentation where clarity and precision are paramount.
Tips for Getting Consistent Results
- Be Specific: More detailed prompts typically yield better results.
- Iterative Refinement: Edit your prompts based on the initial responses and refine them for clarity.
- Test Variations: Experiment with different phrasings or contexts to discover which works best.
Quick Reference: All Prompts in One Place
- List current cybersecurity threats affecting small businesses.
- Generate an incident response plan for a phishing attack.
- Summarize the CVE-2023-12345 vulnerability and provide mitigation steps.
- Draft a security awareness training outline for employees.
- Create a compliance checklist for GDPR.
- Analyze logs from a recent security incident and identify anomalies.