🤖 AI Prompts Cheatsheet
Daniel Osei — AI-Assisted Security Engineer
Why AI Changes the Game for Cybersecurity
AI tools have revolutionized how cybersecurity professionals operate. They can assist in automation, threat detection, incident response, and enhancing human decision-making. By utilizing AI models like ChatGPT and Claude, security analysts can streamline their workflow and improve efficiency in tackling complex tasks, generating reports, and analyzing data.
Before You Start: How to Set Context Properly
Establishing context is crucial when working with AI. Be specific about your needs and provide any relevant background information. The more context you give the AI, the more accurate and useful its responses will be. For example, if you need an incident response plan for a specific type of attack, mention the attack vector, the system architecture, and any existing policies.
Core Prompts Cheatsheet
What it does: The AI generates a tailored incident response plan for dealing with phishing attacks.
When to use it: Use this prompt when you need to quickly develop an IR plan or template.
How to customize it: Modify the sector or attack type for other scenarios.
What it does: This prompt requests a list of IOCs that can help in detecting ransomware.
When to use it: Use when building a threat detection strategy or tuning alerting systems.
How to customize it: Adjust the attack type for different threats.
What it does: Generates a simplified explanation of a specific vulnerability.
When to use it: Handy when preparing reports for stakeholders who are not technical.
How to customize it: Change the CVE ID to summarize different vulnerabilities.
What it does: Generates an incident notification email template.
When to use it: Use when a data breach occurs to promptly inform employees.
How to customize it: Tailor the content based on incident specifics and company policy.
What it does: Asks AI to summarize key findings and incidents from a week.
When to use it: Useful for creating quick updates for security teams and management.
How to customize it: Specify the metrics or incidents to include for tailored reporting.
Weak vs Strong Prompt Examples
Advanced Prompt Techniques
Employ advanced prompting techniques for better results:
- Role Prompting: Assign a role to the AI, such as “As a cybersecurity analyst, provide…” for context setting.
- Chain-of-Thought: Ask the AI to explain its reasoning or steps taken to reach an answer.
- Few-Shot Examples: Provide examples of desired outputs to guide results.
- Output Formatting: Specify format (list, table, detailed) to structure the response effectively.
Claude vs ChatGPT: Which Works Better For This
ChatGPT: Excellent for generating descriptive text, incident reports, and drafting communications. Known for providing detailed narratives and explanations.
Claude: Better for analytical tasks and concise information retrieval, often favored for generating lists and comparisons.
Choose based on the specific task at hand or use both for diverse approaches.
Tips for Getting Consistent Results
- Set Context: Always set a context for the analysis or request.
- Be Specific: Specify the type or depth of information needed.
- Iterate: Refine prompts based on previous responses to hone in on desired outputs.
- Ask Follow-Up Questions: Dig deeper into specifics after getting initial responses.
Quick Reference: All Prompts in One Place
- Generate a detailed incident response plan for a phishing attack against a financial organization.
- List the top 10 indicators of compromise (IOCs) for detecting ransomware attacks.
- Summarize the CVE-2022-12345 vulnerability.
- Draft an email to inform employees about a data breach incident.
- Generate a weekly cybersecurity report summary based on data from a SIEM tool.