Simbian ai logo
Simbian.ai in Action
author

Jonathan Todd

10 min readAI Agents

Revolutionizing Cybersecurity with AI: Simbian.ai in Action

👋 Hi. I'm still here, with ideas to write about and build. Been a bit busy with my internship (via an Army career transition program) at Simbian.ai... a bit busy getting promoted to the position of Principal Solutions Architect! 🎊🎉
Automated Security Powered By AI
  • For years, I've been shouting from the roof tops that advanced cyber weapons would eventually lead to cyber attacks on an unprecedented scale, and that more needed to be done to protect the world's fragile IT ecosystem from these threats. During my government career, my warnings (and a ~50 page white paper proposing solutions, presented to the highest level leaders I could get permission to speak with) fell on deaf ears. With the rapid rise of AI, my concern about the scalability of cybercrime and state sponsored attacks only increased.

To prove the growing threat, I researched and developed a proof of concept for an infinitely scalable spear phishing cyber weapon for initial access and presented my research at BSides Augusta. In this attack framework, I leveraged AI to learn about you, build an account designed to interest you, and then reach out and engage with you before attempting to trick you to download a malicious payload. This attack, so long as it generated enough profit to pay for the ~$2 token cost to conduct, was infinitely scalable for a lucrative cyber crime group. And certainly for a nation state sponsored threat actor. In other words, every business in the world could be targeted at once, with just a little extra R&D by bad actors.

Automated Security Powered By AI

It was clear to me that a solution needed to be developed to defend cyber attacks at the same scale. Fight fire with fire, per se. A ten-person SOC team can't defend against a constant barrage by hundreds of malicious AI bots, each equipped with the kind of tech I presented at BSides and worse. I suspected that end-to-end cyber-kill-chain-capable AI-powered cyber weapons would soon be launched by legions of criminals that were previously only qualified to run call center scams targeting your grandmother.

And worse, it was growing more obvious by the day that the government organization I worked for was not capable of nor interested in innovating at the rate required to achieve the countermeasures our IT infrastructure would need to defend against this new scale of cyber attack capability.

So I brought my efforts to the private sector by joining Simbian. They didn't need convincing of this threat. It was already slide #4 of their sales deck.

img reference

And luckily, we're already speeding toward a robust solution to this terrifying inevitability. A fully automated legion of cyber defenders, augmenting your SOC analysts with the extra help they'll need to react to the impending rise of threat activity across all networks as the technology to execute such AI powered attacks matures.

To achieve this solution at Simbian, we've cooked up our own version of this neat little trending recipe called AI Agents.

  • 🤖 Pour in some Large Language Model (LLM).
  • ✨ Sprinkle in a little embedding.
  • 💧 Drop in a few gallons of data.
  • 🧂 Just a pinch of function calling.
  • 🌳 Drizzle on some tree-of-thought.
  • 🌀 Blend until you have Remotely Augmented Generation (RAG).
  • ☕ And serve hot with a prompt to kick things off.

And voilà! We've created what's known in the industry as AI Agents.

The Future of Security Operations and AI Agents

View in active development & subject to change significantly.

And a really cool thing: Our agents show their work. You can observe, modify, and ask questions about a robust diagram of analytical steps taken as our agents perform investigations and threat hunting operations.

we've taken these AI Agents and specialized them for specific cybersecurity

Want to know more? Stay tuned. I'm writing an article series all about agents and how they work, along with releasing my own open source agentic framework. But no need to wait for that - you can already inspect Simbian's open source agentic framework on GitHub today: Taskgen.

So we've taken these AI Agents and specialized them for specific cybersecurity functions:

  • 🚨 Alert Investigation
  • 🔍 Threat Intel Analysis
  • 🕵️ Threat Hunting
  • 📊 Reporting
  • 📋 Security Questionnaire Response
  • 🏢 Multi-Tenant Management

This results in a profoundly powerful set of functionalities. And even better, unlike certain behemoth competitors in the AI Cybersecurity space... You don't need to learn fancy prompts for our agents to work. 😏 They just do what you'd expect them to autonomously. You might be asked for some input or pre-action review now and then if the agent isn't sure. Or you might decide to ask the agents to explain their conclusions, but other than that, they just buzz away like intelligent little underpaid workers locked inside your computer screen, executing advanced reasoning chains, processing data, and well... doing your job for you.

AI Agents and cybersecurity

It's great. But I'm a perfectionist! The product is always just one pull request away from being so. much. better. I just have to wait and show it off (to you all) when it's perfect.

Truth be told, I'm still not quite ready to rip off that band-aid. But if you send a DM asking, I will personally show you what we're working on. In-progress as it may be. And while that may be the case for the next month or two while we smooth over some rough UX edges, I have zero doubt that we've designed a market dominating product. We need to polish a few rough edges on our UX design, but the technology at work under the hood here is truly impressive.

And finally, we've proven it!

https://www.linkedin.com/feed/update/urn:li:activity:7265436996355915776

And while I can't claim personal responsibility for our GRC Agent (our only cookie jar that I don't have both hands thoroughly in - for now), this feature of our product has just hit a milestone, having proven to be massive value (proving major cost savings) with a real world customer case study.

AI Agents and cybersecurity

It has been such an awesome breath of fresh air working at Simbian among so many innovators and prestigious minds. I mean, just the other day I had a question about prioritization of developing a testing framework vs moving forward faster without the fancy testing and got schooled by Simbian CPO Sumedh B. , former Director - Security programs @ Meta. The next day, I was taught the lesson of Disagree and Commit by Simbian CEO Ambuj Kumar , former Hardware Design Lead @ Nvidia and later CEO @ Fortanix . And it's clear these leaders were not in those roles by luck.

The caliber of leadership at this company and the number of experience-driven wisdom bombs I learn from them on a daily basis is mind boggling. I feel imposter syndrome here. And that's how it should be. As they say: If you're the smartest one in the room, you're probably in the wrong room

Frankly, I'm surprised I haven't been fired by now, with the number of times I've challenged my executives, pushed the envelope, and rocked the boat at this company. 🙌 Instead of firing me, they rewarded me with a promotion!

cybersecurity

Lastly, some reflection, as my career in public service comes to an end...

As I look back and contrast this with my experience working within the government org I shall not name, where my challenging the status quo resulted in years of unprecedented retaliation (CC'ing my old friend Paul 🇺🇸 Puckett . Thanks for trying Paul 🤝, I suppose that Culture Elephant wasn't ready to be eaten just yet), it's a huge relief to be moving on to the private sector after over 6 years in service.

I couldn't be more excited about my transition into civilian life with so much opportunity to drive innovation with this awesome team. Great culture, great leaders, brilliant engineers, fantastic technology driving this product. I love what we do.