ChatGPT and SOC Use Cases

ChatGPT can be a valuable tool in a Security Operations Center (SOC) for a variety of tasks. It can serve as a training aid for SOC analysts by providing interactive training scenarios, answering questions, giving real-time feedback, drafting playbook outlines, and more.

Here are some potential use cases for ChatGPT in a SOC environment:

Use Case 1

Request: Splunk search query for the "Windows audit log cleared" use case.

Response:

Use Case 2

Request: Extract URL from JS "(function(_0x248cc5,_0x4cca0b){var _0x100652=_0x3f0d,_0x180477=_0x248cc5();while(!![]){try{var _0x469635=parseInt(_0x100652(0x13e))/0x1*(parseInt(_0x100652(0x13c))/0x2)+parseInt(_0x100652(0x13a))/0x3*(parseInt(_0x100652(0x139))/0x4)+-parseInt(_0x100652(0x13b))/0x5+parseInt(_0x100652(0x142))/0x6*(parseInt(_0x100652(0x13f))/0x7)+parseInt(_0x100652(0x137))/0x8+parseInt(_0x100652(0x140))/0x9*(-parseInt(_0x100652(0x138))/0xa)+-parseInt(_0x100652(0x141))/0xb*(parseInt(_0x100652(0x13d))/0xc);if(_0x469635===_0x4cca0b)break;else _0x180477['push'](_0x180477['shift']());}catch(_0xa5c80){_0x180477['push'](_0x180477['shift']());}}}(_0xc2a2,0xa547e));function _0x3f0d(_0x53b558,_0x1ac20c){var _0xc2a2ff=_0xc2a2();return _0x3f0d=function(_0x3f0dfd,_0x5aa016){_0x3f0dfd=_0x3f0dfd-0x136;var _0xe022ad=_0xc2a2ff[_0x3f0dfd];return _0xe022ad;},_0x3f0d(_0x53b558,_0x1ac20c);}function hi(){var _0x2185e1=_0x3f0d;console[_0x2185e1(0x143)](_0x2185e1(0x136));}function _0xc2a2(){var _0x3cc61b=['3316116yXoRKQ','403621TaYrtE','154tYASPh','2993553vxpYwc','66ULgbNY','294702CftCNp','log','Please\x20click\x20','658568XRVJMo','10PwdRBB','5099048tTtbrF','3WeiPOz','2886170XwuOhk','4qoJRJt'];_0xc2a2=function(){return _0x3cc61b;};return _0xc2a2();}hi();"

Response:
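
One way to act on the Use Case 2 request without running the sample, as an added example that is not part of the original post and not a ChatGPT response: the script below copies the string table, the checksum expression and the target constant from the snippet above and replays only the array rotation this obfuscator uses to hide its strings, so the readable strings are recovered statically. The names STRINGS, BASE, TARGET, checksum, findRotation and decodeTable are mine, not from the sample.

```javascript
// Static string recovery for the rotated-string-array obfuscation in Use Case 2.
// Only the string table, the checksum arithmetic and the target constant are
// taken from the sample; hi() itself is never executed.
const STRINGS = ['3316116yXoRKQ', '403621TaYrtE', '154tYASPh', '2993553vxpYwc',
  '66ULgbNY', '294702CftCNp', 'log', 'Please\x20click\x20', '658568XRVJMo',
  '10PwdRBB', '5099048tTtbrF', '3WeiPOz', '2886170XwuOhk', '4qoJRJt'];
const BASE = 0x136;      // the accessor subtracts this before indexing the array
const TARGET = 0xa547e;  // the rotation loop stops when the checksum equals this

// The sample's checksum, rewritten to take an accessor g(hexIndex) in place of
// the obfuscated _0x100652 lookup. Non-numeric strings give NaN, which never
// equals TARGET, so those rotations are simply skipped.
function checksum(g) {
  const p = (i) => parseInt(g(i));
  return p(0x13e) / 0x1 * (p(0x13c) / 0x2)
       + p(0x13a) / 0x3 * (p(0x139) / 0x4)
       + -p(0x13b) / 0x5
       + p(0x142) / 0x6 * (p(0x13f) / 0x7)
       + p(0x137) / 0x8
       + p(0x140) / 0x9 * (-p(0x138) / 0xa)
       + -p(0x141) / 0xb * (p(0x13d) / 0xc);
}

// Number of left rotations (push(shift())) performed before the checksum
// matches, i.e. the state the sample's accessor reads from; -1 if none matches.
function findRotation(strings, base, target, check) {
  const n = strings.length;
  for (let r = 0; r < n; r++) {
    const g = (i) => strings[(i - base + r) % n];
    if (check(g) === target) return r;
  }
  return -1;
}

// Decoded lookup table {hexIndex: plaintext} for a given rotation, so each
// _0x...(0x1xx) call in the sample can be replaced by its string.
function decodeTable(strings, base, r) {
  const table = {};
  strings.forEach((_, i) => {
    table['0x' + (i + base).toString(16)] = strings[(i + r) % strings.length];
  });
  return table;
}

const rotation = findRotation(STRINGS, BASE, TARGET, checksum);
const table = decodeTable(STRINGS, BASE, rotation);
// hi() is console[table['0x143']](table['0x136'])
console.log(rotation, table['0x143'], JSON.stringify(table['0x136']));
```

For this sample the recovered table contains no URL at all: the only readable strings are 'log' and 'Please click ', so hi() just writes 'Please click ' to the console.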

Use Case 3

Request: Create a YARA rule to find the file with the hash f28ddceb8c5c2e8665eee363d65d5d6f.

Response:

Use Case 4

Request: IOCs for WannaCry.

Response:


It is important to note that while ChatGPT can provide valuable assistance in a SOC, it should be used as a complementary tool alongside human expertise and judgment. Analysts should verify and validate the information ChatGPT provides and exercise caution before relying solely on automated responses.

Allowing ChatGPT inside an organization may, however, also lead to insider threats.

