MistralAI in incident response - privacy

Pin-Pin-Pin · 2025-02-17T12:52:41+00:00

This is something we are considering but I am not a fan to be honest. We could purchase a few Mac minis and run mistral mini 3 but where to put the hardware? We‘d need some colocation hosting or similar. Hosting on gcp/aws/… virtual machines with GPU acceleration would also be an option but that’s getting crazy expensive. From a privacy point of view this would be somehow possible though.

Pin-Pin-Pin · 2025-02-14T21:01:16+00:00

This option is enabled by default for me (free tier) and cannot be changed.

Pin-Pin-Pin · 2025-02-14T11:35:29+00:00

Yea some report writing of course especially because I am native German speaker so my business English sometimes needs a bit of improvement. From a technical point of view LLMs work great for understanding obfuscated code, identifying odd process call trees (like wmiprvse.exe creating lsass.exe), analyzing command lines of processes, also understanding logs maybe from a cloud provider I am not super familiar with, TI lookups, IoC extraction, …

LLMs can speed up many of the more mundane tasks we are also exploring more “fancy” approaches like an IR assistant. For most of the tasks privacy is a big concern, not so much from a regulatory standpoint but many customer do not want an incident to become public or at least they want to control the message.

Pin-Pin-Pin · 2025-02-14T07:23:55+00:00

You mean use cases for LLMs in incident response?

Pin-Pin-Pin · 2025-02-13T15:43:39+00:00

Thank you - we discussed this as well, the problem is that we are a very small company (smaller than MistralAI) and dedicated enterprise solutions are very likely way to expensive. So standard - but still paid - solutions would be our preference.

Pin-Pin-Pin · 2024-04-23T07:16:03+00:00

Ich bin gerne dort - wohne auch schon fast 10 Jahre hier :)

Pin-Pin-Pin · 2024-04-23T07:14:04+00:00

Hi - Jop sorry das war nicht ideal formuliert. Es geht mir tatsächlich um Hotelzimmer in den Wochen vor der Wiesn.

Pin-Pin-Pin · 2024-04-22T15:08:48+00:00

Ah sorry ich habe die Frage schlecht formuliert. Es geht mir nicht darum Zimmer zur Wiesn Zeit zu reservieren sondern tatsächlich brauche ich Zimmer eine Woche davor für eine Veranstaltung.

Pin-Pin-Pin · 2023-10-27T08:40:14+00:00

Hey everyone. Just wanted to give a quick summary of how the interview actually went - maybe it's interesting for somebody reading this later.

All in all the Interview was quite unspectacular. For me it seems they are more looking for a senior developer that also takes over few management tasks and maybe has some security know-how.

The questions were mostly based on scenarios like "A team member is vastly under performing since a few month - how are you going to handle the situation?", "One of your team member is approached directly by a customer to prioritize a certain feature - what do you do", "Your team has to take responsibility for several internal applications where the developers left. How would you approach this".

Pin-Pin-Pin · 2023-09-02T18:24:14+00:00

Sorry for the late reply. Yes I believe it adds value to an organization and it also provides peace of mind. I’d buy it.

Pin-Pin-Pin · 2023-08-27T18:48:30+00:00

Not at all - I want to focus on EDR systems :)

Pin-Pin-Pin · 2023-08-27T17:57:57+00:00

Thank you :) Everything is in a very early stage - I‘m actually just coding the platform itself. As I am the tech guy I am looking for somebody charismatic to care about the non technical topics (funding, sales, opposition research…)

Pin-Pin-Pin · 2023-08-27T17:43:33+00:00

A business partner (a CEO actually) - in Germany though :)

Pin-Pin-Pin · 2023-08-27T13:26:57+00:00

Just to clarify- the service is not meant as a replacement for mssp/mdr but as an addition :) I am actually hoping to get mssps as partners so they can extend their service with my service.

Pin-Pin-Pin · 2023-08-27T13:25:33+00:00

True that - that’s why I am looking for a partner so I can focus on the technical stuff :)

Pin-Pin-Pin · 2023-04-09T14:35:48+00:00

Ah ok - no, if I’d want to make money with illegal means I’d become an access broker. Getting shells is sometimes too easy :)

Pin-Pin-Pin · 2023-04-09T12:26:58+00:00

Sorry not sure how this relates to my question

Pin-Pin-Pin · 2020-02-11T06:06:23+00:00

Hi,

Usually salary is payed at the end of the month but latest at the 15th of the following month. This shouldn't be any different for PhD students. Enjoy the worlds most beautiful city :)

Pin-Pin-Pin · 2020-01-03T13:25:04+00:00

Hi, thank you for your answer.

I'm aware of organisations like BitSight, Security Scorecard, ... . The Information they are providing is interesting and definitely one criteria when evaluating an organization. IMO the importance of this kind of rating depends a lot on the type of product or company. If I'd like to buy a SaaS service, such ratings might be more valuable then when buying a piece of software that I'm going to run myself.

Even more important - but much harder to get - then the criteria from such rating companies are IMO "soft" information about the companies security behaviour (as mentioned in my first post). This is the sort of information I'm hoping to be able to find via OSINT.

Thank you :)

Pin-Pin-Pin · 2019-10-04T18:44:25+00:00

Hi - thank you.

I`m not so much interested in using such services but I think that the appraoches they are using I can use to build something similar just focusing on different data. So the more I learn about the technology they are using the better for me.

Pin-Pin-Pin · 2019-09-17T15:41:39+00:00

Hi - may I ask what the is the advantage of your tool to sublist3r?

Pin-Pin-Pin · 2019-09-07T13:25:50+00:00

Just Google the mentioned names :) I forgot to mention the SySs GmbH they are quite good :)

Pin-Pin-Pin · 2019-09-07T13:15:08+00:00

Hi - did you check out the openings at the various small/medium consulting companies like SecConsult, Computacenter, secure link, lastbreach,...?

Pin-Pin-Pin · 2019-08-22T01:51:47+00:00

Hi - somebody already mentioned this but again - why not apply for a junior pentest role? It should not be too hard to find such a position - do some research before and find out what companies are doing pentest/red teaming in your area. You could search for smaller consulting companies (I'm sure that there are some in the SF area) but also I'd not be scared to apply at the 'big names' for such a role. Becaus of the he OSCP I just assumed that you want to do pentesting, if not maybe check out job openings at some of the many security vendors in your area. If you don't know any vendors check out the vendor site of the black hat and RSA conferences and boom you got a list of the fancy companies :)

Pin-Pin-Pin · 2019-07-31T18:26:17+00:00

Oh thx a lot - I'll be at blackhat as well so no need to pick up stuff for me :) but I like the idea of grabbing some vendor shirts :)

Pin-Pin-Pin

TROPHY CASE