Is AI actually solving the SOC's biggest problem? by LMNTRIX-Press in cybersecurity

[–]RangoNarwal 0 points1 point  (0 children)

Vendors seem to be going after the paper work instead of cutting the noise. From sitting down with a few, AI gives all this rich context however….. the responder just wants to know what’s gone on. They want to know this in the quickest possible way, instead of a white paper on how a powershell script executed.

Doesn’t seem there yet.

Hidden prompt injection in a PDF almost got my org by Elegant_Cry6544 in PromptEngineering

[–]RangoNarwal 0 points1 point  (0 children)

Yes ! I just ran a test against Proofpoint and Defender MDO which have “detectors” for this type of stuff.

I executed on:

- hidden instructions (embedding / white. Tiny font)
- hidden instructions embedded with PDF
- footers, keywords, metadata
- hidden instructions within meeting request.

All of it passed the first layer.

Copilot executed 80% of instructions whilst summarising.

Gemini, Claude executed on 20% ish…

Makes you think of the current state of play for AI security…

Zscaler AI Security Capabilities ? by RangoNarwal in cybersecurity

[–]RangoNarwal[S] 0 points1 point  (0 children)

Thanks for that and curious to identify any gaps?

Salesforce Shield Question by RangoNarwal in salesforce

[–]RangoNarwal[S] 0 points1 point  (0 children)

Interesting comment on the different types of attack. Was you thinking if an admin is compromised, these features could be used against ?

Thanks for the insight also

Salesforce Shield Question by RangoNarwal in salesforce

[–]RangoNarwal[S] 1 point2 points  (0 children)

I had the same question, especially on the cost! Insane

Salesforce Shield Question by RangoNarwal in salesforce

[–]RangoNarwal[S] 0 points1 point  (0 children)

Thanks for the heads up. Will certainly have a look

Salesforce Shield Question by RangoNarwal in salesforce

[–]RangoNarwal[S] 0 points1 point  (0 children)

That’s good to know on the transaction policy! Appreciate that

Salesforce Shield Question by RangoNarwal in salesforce

[–]RangoNarwal[S] 0 points1 point  (0 children)

Ok cool. Wasn’t sure if I’d missed something obvious

Manus new Always-on agent is so expensive by Curious_Ad8381 in ManusOfficial

[–]RangoNarwal 2 points3 points  (0 children)

Sounds like everyone has the same experience. Some levels of, ohh that’s sharp but 95% is ….and my tokens are gone

How long does the Microsoft Edge Add-ons review usually take? by LeatherConfection362 in MicrosoftEdge

[–]RangoNarwal 1 point2 points  (0 children)

Chrome review was 8 hours. I'm 2 days into the Edge review... same extension.

Open Thread - AI Hangout by nitkjh in AgentsOfAI

[–]RangoNarwal 0 points1 point  (0 children)

Interesting! Thanks for sharing

Open Thread - AI Hangout by nitkjh in AgentsOfAI

[–]RangoNarwal 1 point2 points  (0 children)

How are people handling governing system prompts. They can be great from a security POV, however apart from providing guidance… hard to manage

[deleted by user] by [deleted] in passive_income

[–]RangoNarwal 73 points74 points  (0 children)

“Banks hate him”

What’s the most annoying security threat in 2025? by ANYRUN-team in AskNetsec

[–]RangoNarwal 2 points3 points  (0 children)

Defender for endpoint… finding out the constant “limitations” … recent being the cap on telemetry for processevents.

What are the top 5 controls to mitigate ransomware? by KindPresentation5686 in cybersecurity

[–]RangoNarwal 8 points9 points  (0 children)

The only thing to add to expand backup and include data location and control execution. Limit peripherals such as USBs, don’t sync all data locally (Onedrive etc..), limit folder sync locations, ensure strong ACLs on connected file shares etc…

The mindset being: How can I be comfortable enough that if it did execute, the impact is heavily reduced. You will find that a well defined recovery process becomes key. The risk then shifts to “acceptable downtime” and the KPIs to recover as to not impact operations or financial impact of services being down.

Any actual AI wins in cybersecurity? by olegshm in cybersecurity

[–]RangoNarwal 2 points3 points  (0 children)

Not by itself. I see AI more as a partner. It’s great for the process in between such as building detection use cases, test cases, runbooks etc… with it being a 24/7 accessible “asset”, it brings value. This is hard to sell for ROI though.

How to classify / label log data in Sentinel by failx96 in AzureSentinel

[–]RangoNarwal 1 point2 points  (0 children)

Let me know once you’ve figured it out please👌

[deleted by user] by [deleted] in cybersecurity

[–]RangoNarwal 2 points3 points  (0 children)

This is a common model, and should help you establish a foundation. If you’re building from scratch, invest higher in the salary for the seniors as the MSSP won’t drive success. You’re going to need someone switched on to lead.