Mat Keep

160 results

Building AI With MongoDB: How DevRev is Redefining CRM for Product-Led Growth

OneCRM from DevRev is purpose-built for Software-as-a-Service (SaaS) companies. It brings together previously separate customer relationship management (CRM) suites for product management, support, and software development. Built on a foundation of customizable large language models (LLMs), data engineering, analytics, and MongoDB Atlas , it connects end users, sellers, support, product owners, and developers. OneCRM converges multiple discrete business apps and teams onto a common platform. As the company states on its website “Our mission is to connect makers (Dev) to customers (Rev) . When every employee adopts a “product-thinking” mindset, customer-centricity transcends from a department to become a culture.” DevRev was founded in October 2020 and raised over $85 million in seed funding from investors such as Khosla Ventures and Mayfield. At the time, this made it the largest seed in the history of Silicon Valley. The company is led by its co-founder and CEO, Dheeraj Pandey, who was previously the co-founder and CEO of Nutanix, and by Manoj Agarwal, DevRev's co-founder and former SVP of Engineering at Nutanix. DevRev is headquartered in Palo Alto and has offices in seven global locations. Check out our AI resource page to learn more about building AI-powered apps with MongoDB. CRM + AI: Digging into the stack DevRev’s Support and Product CRM serve over 4,500 customers: Support CRM brings support staff, product managers, and developers onto an AI-native platform to automate Level 1 (L1), assist L2, and elevate L3 to become true collaborators. Product CRM brings product planning, software work management, and product 360 together so product teams can assimilate the voice of the customer in real-time. Figure 1: DevRev’s real-time dashboards empower product teams to detect at-risk customers, monitor product health, track development velocity, and more. AI is central to both the Support and Product CRMs. The company’s engineers build and run their own neural networks, fine-tuned with application data managed by MongoDB Atlas. This data is also encoded by open-source embedding models where it is used alongside OpenAI models for customer support chatbots and question-answering tasks orchestrated by autonomous agents. MongoDB partner LangChain is used to call the models, while also providing a layer of abstraction that frees DevRev engineers to effortlessly switch between different generative AI models as needed. Data flows across DevRev’s distributed microservices estate and into its AI models are powered by MongoDB change streams . Downstream services are notified in real-time of any data changes using a fully reactive, event-driven architecture. MongoDB Atlas: AI-powered CRM on an agile and trusted data platform MongoDB is the primary database backing OneCRM, managing users, customer and product data, tickets, and more. DevRev selected MongoDB Atlas from the very outset of the company. The flexibility of its data model, freedom to run anywhere, reliability and compliance, and operational efficiency of the Atlas managed service all impact how quickly DevRev can build and ship high-quality features to its customers. The flexibility of the document data model enables DevRev’s engineers to handle the massive variety of data structures their microservices need to work with. Documents are large, and each can have many custom fields. To efficiently store, index, and query this data, developers use MongoDB’s Attribute pattern and have the flexibility to add, modify, and remove fields at any time. The freedom to run MongoDB anywhere helps the engineering team develop, test, and release faster. Developers can experiment locally, then move to integration testing, and then production — all running in different environments — without changing a single line of code. This is core to DevRev’s velocity in handling over 4,000 pull requests per month: Developers can experiment and test with MongoDB on local instances — for example adding indexes or evaluating new query operators, enabling them to catch issues earlier in the development cycle. Once unit tests are complete, developers can move to temporary instances in Docker containers for end-to-end integration testing. When ready, teams can deploy to production in MongoDB Atlas. The multi-cloud architecture of Atlas provides flexibility and choice that proprietary offerings from the hyperscalers can’t match. While DevRev today runs on AWS, in the early days of the company, they evaluated multiple cloud vendors. Knowing that MongoDB Atlas could run anywhere gave them the confidence to make a choice on the platform, knowing they would not be locked into that choice in the future. With MongoDB Atlas, our development velocity is 3-4x higher than if we used alternative databases. We can get our innovations to market faster, providing our customers with even more modern and useful CRM solutions. Anshu Avinash, Founding Engineer, DevRev The HashiCorp Terraform MongoDB Atlas Provider automates infrastructure deployments by making it easy to provision, manage, and control Atlas configurations as code. “The automation provided by Atlas and Terraform means we’ve avoided having to hire a dedicated infrastructure engineer for our database layer,” says Anshu. “This is a savings we can redirect into adding developers to work on customer-facing features.” Figure 2: The reactive, event-driven microservices architecture underpinning DevRev’s AI-powered CRM platform Anshu goes on to say, “We have a microservices architecture where each microservice manages its own database and collections. By using MongoDB Atlas, we have little to no management overhead. We never even look at minor version upgrades, which Atlas does for us in the background with zero downtime. Even the major version upgrades do not require any downtime, which is pretty unique for database systems.” Discussing scalability, Anshu says, “As the business has grown, we have been able to scale Atlas, again without downtime. We can move between instance and cluster sizes as our workloads expand, and with auto-storage scaling, we don’t need to worry about disks getting full.” DevRev manages critical customer data, and so relies on MongoDB Atlas’ native encryption and backup for data protection and regulatory compliance. The ability to provide multi-region databases in Atlas means global customers get further control over data residency, latency, and high availability requirements. Anshu goes on to say, “We also have the flexibility to use MongoDB’s native sharding to scale-out the workloads of our largest customers with complete tenant isolation.” DevRev is redefining the CRM market through AI, with MongoDB Atlas playing a critical role as the company’s data foundation. You can learn more about how innovators across the world are using MongoDB by reviewing our Building AI case studies . If your team is building AI apps, sign up for the AI Innovators Program . Successful companies get access to free Atlas credits and technical enablement, as well as connections into the broader AI ecosystem.

March 27, 2024

Fireworks AI and MongoDB: The Fastest AI Apps with the Best Models, Powered By Your Data

We’re happy to announce that Fireworks AI and MongoDB are now partnering to make innovating with generative AI faster, more efficient, and more secure. Fireworks AI was founded in late 2022 by industry veterans from Meta’s PyTorch team, where they focused on performance optimization, improving the developer experience, and running AI apps at scale. It’s this expertise that Fireworks AI brings to its production AI platform, curating and optimizing the industry's leading open models. Benchmarking by the company shows gen AI models running on Fireworks AI deliver up to 4x faster inference speeds than alternative platforms, with up to 8x higher throughput and scale. Models are one part of the application stack. But for developers to unlock the power of gen AI, they also need to bring enterprise data to those models. That’s why Fireworks AI has partnered with MongoDB, addressing one of the toughest challenges to adopting AI. With MongoDB Atlas , developers can securely unify operational data, unstructured data, and vector embeddings to safely build consistent, correct, and differentiated AI applications and experiences. Jointly, Fireworks AI and MongoDB provide a solution for developers who want to leverage highly curated and optimized open-source models, and combine these with their organization’s own proprietary data — and to do it all with unparalleled speed and security. Lightning-fast models from Fireworks AI: Enabling speed, efficiency, and value Developers can choose from many different models to build their gen AI-powered apps. Navigating the AI landscape to identify the most suitable models for specific tasks — and tuning them to achieve the best levels of price and performance — is complex and creates friction in building and running gen AI apps. This is one of the key pain points that Fireworks AI alleviates. With its lightning-fast inference platform, Fireworks AI curates, optimizes, and deploys 40+ different AI models. These optimizations can simultaneously result in significant cost savings , reduced latency , and improved throughput. Their platform delivers this via: Off-the-shelf models, optimized models, and add-ons: Fireworks AI provides a collection of top-quality text, embedding, and image foundation models . Developers can leverage these models or fine-tune and deploy their own, pairing them with their own proprietary data using MongoDB Atlas. Fine-tuning capabilities : To further improve model accuracy and speed, Fireworks AI also offers a fine-tuning service using its CLI to ingest JSON-formatted objects from databases such as MongoDB Atlas. Simple interfaces and APIs for development and production: The Fireworks AI playground allows developers to interact with models right in a browser. It can also be accessed programmatically via a convenient REST API. This is OpenAI API-compatible and thus interoperates with the broader LLM ecosystem. Cookbook: A simple and easy-to-use cookbook provides a comprehensive set of ready-to-use recipes that can be adapted for various use cases, including fine-tuning, generation, and evaluation. Fireworks AI and MongoDB: Setting the standard for AI with curated, optimized, and fast models With Fireworks AI and MongoDB Atlas, apps run in isolated environments ensuring uptime and privacy, protected by sophisticated security controls that meet the toughest regulatory standards: As one of the top open-source model API providers, Fireworks AI serves 66 billion tokens per day (and growing). With Atlas, you run your apps on a proven platform that serves tens of thousands of customers, from high-growth startups to the largest enterprises and governments. Together, the Fireworks AI and MongoDB joint solution enables: Retrieval-augmented generation (RAG) or Q&A from a vast pool of documents: Ingest a large number of documents to produce summaries and structured data that can then power conversational AI. Classification through semantic/similarity search: Classify and analyze concepts and emotions from sales calls, video conferences, and more to provide better intelligence and strategies. Or, organize and classify a product catalog using product images and text. Images to structured data extraction: Extract meaning from images to produce structured data that can be processed and searched in a range of vision apps — from stock photos, to fashion, to object detection, to medical diagnostics. Alert intelligence: Process large amounts of data in real-time to automatically detect and alert on instances of fraud, cybersecurity threats, and more. Figure 1: The Fireworks tutorial showcases how to bring your own data to LLMs with retrieval-augmented generation (RAG) and MongoDB Atlas Getting started with Fireworks AI and MongoDB Atlas To help you get started, review the Optimizing RAG with MongoDB Atlas and Fireworks AI tutorial, which shows you how to build a movie recommendation app and involves: MongoDB Atlas Database that indexes movies using embeddings. (Vector Store) A system for document embedding generation. We'll use the Fireworks embedding API to create embeddings from text data. (Vectorisation) MongoDB Atlas Vector Search responds to user queries by converting the query to an embedding, fetching the corresponding movies. (Retrieval Engine) The Mixtral model uses the Fireworks inference API to generate the recommendations. You can also use Llama, Gemma, and other great OSS models if you like. (LLM) Loading MongoDB Atlas Sample Mflix Dataset to generate embeddings (Dataset) We can also help you design the best architecture for your organization’s needs. Feel free to connect with your account team or contact us here to schedule a collaborative session and explore how Fireworks AI and MongoDB can optimize your AI development process.

March 26, 2024

利用生成式人工智能和 MongoDB 应对网络安全的最大挑战

在不断变化的网络安全环境中,企业面临着众多挑战,需要利用尖端技术提供创新解决方案。 最紧迫的问题之一是网络威胁日益复杂,包括恶意软件、勒索软件和网络钓鱼攻击,这些攻击越来越难以检测和缓解。 此外,数字基础设施的快速扩张扩大了攻击面,使安全团队更难监控和保护每个入口和出口点。 另一个重大挑战是缺少熟练的网络安全专业人员(据独立调查估计,全球缺口约为 400 万1),这使得许多组织容易受到攻击。 这些挑战凸显了对先进技术的需求,这些技术可以增强人类保护数字资产和数据的努力。 生成式AI有何帮助? 生成式人工智能 ( gen AI ) 已成为应对这些网络安全挑战的强大工具。 通过利用大型语言模型 ( LLM ) 在现有数据集的基础上生成新数据或模式,生成式人工智能可以在多个关键领域提供创新解决方案: 强化威胁检测和响应 生成式人工智能可用于模拟网络威胁,包括复杂的恶意软件和网络钓鱼攻击。 这些模拟有助于训练机器学习模型,以更准确地检测新的和不断演变的威胁。 此外,生成式人工智能可以帮助开发实时对威胁做出反应的自动响应系统。 虽然这永远不会消除对人工监督的需求,但可以减少人工干预和劳累,从而更快地缓解攻击。 例如,在适当的监督下,它可以自动为易受攻击的系统打补丁,或调整防火墙规则以阻止攻击载体。 这种自动快速反应能力对于减少零日漏洞尤为重要,因为从发现漏洞到攻击者利用漏洞之间的窗口很短。 从安全事件事后分析中汲取可操作的经验教训 在网络安全事件发生后,进行彻底的事后分析对于了解事件的经过、原因以及今后如何防止类似事件的发生至关重要。 在这一过程中,生成式人工智能可以综合和汇总多种来源的复杂数据(日志、网络流量和安全警报等),发挥关键作用。 通过分析这些数据,生成式人工智能可以识别可能导致安全漏洞的模式和异常,从而提供由于信息量和复杂性而可能被人类分析师忽视的见解。 此外,它还可以生成全面的报告,突出显示关键发现、诱发因素和潜在漏洞,从而简化事后分析过程。 这种能力不仅能加快恢复和学习过程,还能使组织实施更有效的补救策略,最终加强其网络安全态势。 生成用于深度模型训练的合成数据 用于培训网络安全系统的真实数据短缺,这是一个重大障碍。生成式人工智能可以创建真实的合成数据集,反映真实的网络流量和用户行为,而不会暴露敏感信息。 这种合成数据可用于训练检测系统,在不损害隐私或安全的情况下提高其准确性和有效性。 自动检测网络钓鱼 网络钓鱼仍然是最常见的攻击载体之一。 生成式人工智能可以分析网络钓鱼电子邮件和网站中的模式,生成能够高精度预测和检测网络钓鱼尝试的模型。 通过将这些模型集成到电子邮件系统和网络浏览器中,组织可以自动过滤掉网络钓鱼内容,保护用户免受潜在威胁。 综合考虑:机遇与风险 生成式人工智能有望实现复杂流程的自动化、加强威胁检测和响应、提供对网络威胁的更深入了解,从而改变网络安全实践。随着业界不断将生成式人工智能融入网络安全战略,我们必须对这项技术的道德使用和滥用潜力保持警惕。 尽管如此,它在加强数字防御方面所带来的好处是毋庸置疑的,因此成为应对网络威胁的持久战中的宝贵资产。 MongoDB 如何提供帮助? 有了 MongoDB,您的开发团队就能以任何规模更快地构建和部署强大、正确和差异化的实时网络防御系统。 要了解 MongoDB 如何做到这一点,请考虑 AI 技术堆栈包含三层: 底层计算 (GPU) 和 LLM 微调模型的工具以及用于上下文学习和对训练模型进行推理的工具 人工智能应用程序和相关最终用户体验 MongoDB 在堆栈的第二层运行。 它使客户能够将自己的专有数据带到任何计算基础设施上运行的任何 LLM,以构建生成式人工智能驱动的网络安全应用程序。 为此,MongoDB 解决采用生成式人工智能保障网络安全时最棘手的问题。 MongoDB Atlas 将运营数据、非结构化数据和矢量数据安全地统一在一个完全托管的多云平台中,避免了在不同系统之间复制和同步数据的需要。 MongoDB 基于文档的架构还允许开发团队轻松地对应用程序数据和矢量嵌入之间的关系进行建模。 这样就可以更深入、更快速地分析和见解与安全相关的数据。 图 1: 在统一的 API 和开发者数据平台中,MongoDB Atlas 汇集了构建现代网络安全应用程序所需的所有数据服务。 MongoDB 的开放式架构与丰富的 AI 开发者框架、LLM 和嵌入式提供商的生态系统相集成。这与我们业界领先的多云功能相结合,使您的开发团队能够灵活快速地行动,避免在这个快速发展的领域中被任何特定的云提供商或 AI 技术限制。 请查看我们的 AI 资源页面,了解有关使用 MongoDB 构建 AI 驱动的应用的更多信息。 将生成式人工智能和 MongoDB 应用于现实世界的网络安全应用 威胁情报 ExTrac 利用 AI 驱动的分析技术和 MongoDB Atlas,通过分析数千个来源的数据来预测公共安全风险。该平台最初帮助西方政府预测冲突,现在正扩展到企业的声誉管理等方面。 MongoDB 的文档数据模型使 ExTrac 能够高效管理复杂数据,增强实时威胁识别。 Atlas Vector Search 有助于增强语言模型,并管理文本、图像和视频的矢量嵌入,从而加快功能开发。这种方法使 ExTrac 能够利用 MongoDB 的灵活性和强大功能,有效地为客户建立趋势模型、追踪不断变化的叙事和预测风险,从而处理任何形状和结构的数据。在 ExTrac 案例研究中了解更多信息。 网络安全评估 VISO TRUST 利用 AI 简化对第三方网络风险的评估,使复杂的供应商安全信息能够快速获取,以便做出明智的决策。 VISO TRUST 的平台利用 Amazon Bedrock 和 MongoDB Atlas,实现了供应商安全尽职调查的自动化,大大减少了安全团队的工作量。 其 AI 驱动的方法涉及人工智能,可对安全文档进行分类、检测组织并预测人工智能中的安全控制位置。 MongoDB Atlas 为密集检索系统提供文本嵌入,通过检索增强生成 ( RAG ) 提高 LLM 的准确性,提供即时、可操作的安全见解。 通过创新地使用技术,VISO TRUST 能够提供快速、可扩展的网络风险评估,为 InstaCart 和 Upwork 等企业大大减少了工作量和时间。 MongoDB 灵活的文档数据库和 Atlas Vector Search 在管理和查询海量数据方面发挥了关键作用,支持 VISO TRUST 提供全面网络风险情报的使命。 在 Viso Trust 案例研究中了解更多信息。 开始使用的步骤 由 LLM 驱动的生成式人工智能,辅以编码为矢量嵌入的操作数据,为网络安全领域带来了许多新的可能性。 如果您想进一步了解这项技术及其可能性,请查看我们的 Atlas Vector Search Learning Byte 。在短短 10 分钟内,您将大致了解不同的使用案例以及如何开始。 1 1 Hill, M. (2023 年 4 月 10 日)。 尽管进行了大规模的招聘活动,但网络安全劳动力缺口仍达 400 万。 CSO。

March 13, 2024

생성형 인공지능과 MongoDB를 사용하여 사이버 보안의 가장 중대한 과제 해결

끊임없이 진화하는 사이버 보안 환경에서 조직은 최첨단 기술 기반의 혁신적인 솔루션을 필요로 하는 수많은 어려움에 직면합니다. 가장 시급한 문제 중 하나는 멀웨어, 랜섬웨어, 피싱 공격을 비롯한 사이버 위협이 갈수록 정교해지고 있다는 점입니다. 이러한 위협의 탐지 및 완화는 점점 더 어려워지고 있습니다. 또한 디지털 인프라의 급속한 확장으로 공격 표면이 넓어져서 보안 팀이 모든 진입 및 출구 지점을 모니터링하고 보호하기가 더욱 어려워졌습니다. 또 다른 중요한 문제는 숙련된 사이버 보안 전문가의 부족(독립적인 설문 조사에 따르면 전 세계적으로 약 4백만 명의 숙련된 사이버 보안 전문 직원이 부족한 것으로 추정)으로, 이 때문에 많은 조직은 공격에 취약합니다. 이러한 어려움은 디지털 자산과 데이터를 보호하기 위한 인간의 노력을 보강할 수 있는 고급 기술의 필요성이 더욱 두드러집니다. 생성형 인공지능은 어떻게 도움이 될까요? 생성형 인공지능( gen AI )은 이러한 사이버 보안 문제를 해결하는 강력한 도구로 부상했습니다. 생성형 인공지능은 거대 언어 모델( LLM )을 활용하여 기존 데이터 세트를 기반으로 새로운 데이터 또는 패턴을 생성함으로써 다음과 같은 몇 가지 주요 영역에서 혁신적인 솔루션을 제공할 수 있습니다. 향상된 위협 탐지 및 대응 생성형 인공지능을 사용하면 정교한 악성 코드 및 피싱 공격을 비롯한 사이버 위협의 시뮬레이션을 만들 수 있습니다. 이러한 시뮬레이션을 통해 머신 러닝 모델을 훈련하여 새로운 위협과 진화하는 위협을 더욱 정확하게 탐지할 수 있습니다. 또한 생성형 인공지능은 위협에 실시간으로 대응하는 자동 대응 시스템 개발에 도움이 될 수 있습니다. 이렇게 하더라도 사람이 감독할 필요가 없어지는 것은 아니지만, 수동 개입과 노고의 필요가 감소하므로 공격을 보다 신속하게 줄일 수 있습니다. 예를 들어 적절한 감독을 통해 취약한 시스템에 패치를 자동으로 적용하거나 공격 벡터를 차단하도록 방화벽 규칙을 조정할 수 있습니다. 이러한 자동화된 신속 대응 기능은 취약점 발견과 공격자의 악용 사이의 시간이 매우 짧을 수 있는 제로데이 취약점을 완화하는 데 특히 유용합니다. 보안 이벤트 사후 분석으로 실행 가능한 통찰력 획득 사이버 보안 이벤트가 발생한 후 철저한 사후 분석을 수행하는 것은 이벤트의 원인, 발생 이유, 향후 유사한 이벤트를 예방할 수 있는 방법을 파악하는 데 매우 중요합니다. 생성형 인공지능은 로그, 네트워크 트래픽, 보안 경고를 비롯한 다양한 소스의 복잡한 데이터를 종합하고 요약하여 이 프로세스에서 중추적인 역할을 할 수 있습니다. 생성형 인공지능은 이러한 데이터를 분석하여 보안 침해에 기여했을 수 있는 패턴과 이상 현상을 식별할 수 있으며, 인간 분석가가 정보량과 복잡성 때문에 간과할 수 있는 통찰력을 제공할 수 있습니다. 더 나아가 생성형 인공지능은 주요 결과, 원인 요인과 잠재적 취약점을 강조하는 종합적인 보고서를 생성하여 사후 분석 프로세스를 간소화할 수 있습니다. 이 기능은 복구 및 학습 프로세스를 가속화할 뿐만 아니라 조직이 보다 효과적인 복구 전략을 구현하여 궁극적으로 사이버 보안 태세를 강화할 수 있도록 지원합니다. 심층 모델 학습을 위한 합성 데이터 생성 사이버 보안 시스템 학습을 위한 실제 데이터의 부족은 상당한 장애물로 작용합니다. 생성형 인공지능은 민감한 정보의 노출 없이 실제 네트워크 트래픽과 사용자 행동을 미러링한 사실적인 합성 데이터 세트를 생성할 수 있습니다. 탐지 시스템의 학습에 이러한 합성 데이터를 활용하여 개인정보나 보안을 침해하지 않고도 정확도와 효율성을 향상시킬 수 있습니다. 피싱 탐지 자동화 피싱은 여전히 가장 자주 등장하는 공격 벡터 중 하나입니다. 생성형 인공지능은 피싱 이메일과 웹사이트의 패턴을 분석하여 높은 정확도로 피싱 시도를 예측하고 탐지하는 모델을 생성할 수 있습니다. 조직은 이러한 모델을 이메일 시스템과 웹 브라우저에 통합하여 피싱 콘텐츠를 자동으로 필터링함으로써 잠재적인 위협으로부터 사용자를 보호할 수 있습니다. 종합: 기회와 위험 생성형 인공지능은 복잡한 프로세스를 자동화하고, 위협 탐지 및 대응을 강화하며, 사이버 위협에 대한 보다 깊은 이해를 제공함으로써 사이버 보안 관행 혁신의 가능성을 보여줍니다. 업계에서 생성형 인공지능을 사이버 보안 전략에 통합하는 노력이 지속됨에 따라 이 기술의 윤리적 사용과 오용 가능성에 대한 경계심을 유지하는 것이 중요합니다. 그럼에도 불구하고 생성형 인공지능이 디지털 방어의 강화에 선사하는 이점은 부인할 수 없습니다. 이 기술은 현재도 계속되고 있는 사이버 위협과의 전쟁에서 귀중한 자산이 될 것입니다. MongoDB는 어떻게 도움이 될까요? 개발팀은 MongoDB를 사용하여 강력하고 정확하며 차별화된 실시간 사이버 방어를 어떤 규모로든 더 빠르게 구축하고 배포할 수 있습니다. MongoDB가 이를 실현하는 방법을 이해하려면 AI 기술 스택이 다음과 같은 세 계층으로 구성되어 있다는 점을 고려해야 합니다. 기반 컴퓨팅(GPU) 및 LLM 모델의 미세 조정을 위한 도구 및 올바른 컨텍스트의 학습과 훈련된 모델에 대한 비교 추론을 위한 도구 AI 애플리케이션 및 관련 최종 사용자 경험 MongoDB는 이 스택의 두 번째 계층에서 작동합니다. 고객은 MongoDB를 활용하여 모든 컴퓨팅 인프라에서 실행되는 모든 LLM으로 자체 소유 데이터를 가져와 생성형 인공지능 기반 사이버 보안 애플리케이션을 구축할 수 있습니다. MongoDB는 사이버 보안에 생성형 인공지능을 도입할 때 발생하는 가장 어려운 문제를 해결함으로써 이를 가능하게 합니다. 즉, MongoDB Atlas 는 운영 데이터, 비정형 데이터와 벡터 데이터를 단일 완전 관리형 cloud 플랫폼에서 안전하게 통합하므로 서로 다른 시스템 간에 데이터를 복사하고 동기화할 필요가 없습니다. 또한 개발팀은 MongoDB의 문서 기반 아키텍처를 활용하여 애플리케이션 데이터와 벡터 임베딩 간의 관계를 쉽게 모델링할 수 있습니다. 이를 통해 보안 관련 데이터에 관한 보다 심층적이고 신속한 분석과 통찰력을 얻을 수 있습니다. 그림 1: MongoDB Atlas는 최신 사이버 보안 애플리케이션을 구축하는 데 필요한 모든 데이터 서비스를 통합 API 및 개발자 데이터 플랫폼에 통합했습니다. MongoDB의 개방형 아키텍처는 AI 개발자 프레임워크, LLM과 임베딩 제공업체를 포함하는 풍부한 에코시스템과 통합되어 있습니다. 업계를 선도하는 MongoDB의 멀티 cloud 기능과 이러한 에코시스템을 함께 활용하면 개발팀이 급속도로 변화하는 환경에서 특정 cloud 공급자나 AI 기술에 얽매이지 않고 신속하게 이동이 가능한 유연성을 확보할 수 있습니다. MongoDB로 AI 기반 앱을 구축하는 방법에 관한 자세한 정보는 AI 리소스 페이지를 확인하세요 . 실제 사이버 보안 애플리케이션에 생성형 인공지능 및 MongoDB 적용 위협 인텔리전스 ExTrac 은 인공지능 기반 분석과 MongoDB Atlas를 활용하여 수천 개의 소스에서 데이터를 분석하여 공공 안전 위험을 예측합니다. 이 플랫폼은 처음에는 서방 정부의 분쟁 예측에 도움이 되었지만, 점차 기업으로 확대되어 평판 관리 등에 활용되고 있습니다. ExTrac은 MongoDB의 문서 데이터 모델을 활용하여 복잡한 데이터를 효율적으로 관리하고, 이를 통해 실시간 위협 식별을 강화할 수 있습니다. Atlas Vector Search 는 언어 모델을 보강하고 텍스트, 이미지 및 동영상을 위한 벡터 임베딩을 관리하여 기능을 더욱 빠르게 개발할 수 있게 합니다. 이러한 접근 방식을 통해 ExTrac은 모든 형태와 구조의 데이터를 처리하는 MongoDB의 유연성과 성능을 활용하여 트렌드를 효율적으로 모델링하고, 진화하는 내러티브를 추적하고, 고객의 위험을 예측할 수 있습니다. ExTrac 사례 연구에서 자세히 알아보세요. Cybersec 평가 VISO TRUST 는 인공지능을 활용하여 타사 사이버 위험 평가를 간소화함으로써 복잡한 공급업체 보안 정보에 빠르게 액세스해 정보에 기반한 의사 결정을 내릴 수 있도록 지원합니다. VISO TRUST의 플랫폼은 Amazon Bedrock 및 MongoDB Atlas를 활용하여 공급업체 보안 실사를 자동화하함으로써 보안 팀의 워크로드를 크게 줄여 줍니다. VISO TRUST 플랫폼의 인공지능 기반 접근 방식에는 보안 문서를 분류하고, 조직을 탐지하고, 아티팩트 내 보안 제어 위치를 예측하는 아티팩트 인텔리전스가 포함됩니다. MongoDB Atlas는 RAG 를 통해 LLM의 정확도를 높여서 즉각적이고 실행 가능한 보안 인사이트를 제공하는 고밀도 검색 시스템을 위한 텍스트 임베딩을 호스팅합니다. VISO TRUST는 이러한 혁신적인 기술을 사용하여 신속하고 확장 가능한 사이버 위험 평가를 제공함으로써 InstaCart, Upwork와 같은 기업의 업무를 줄이고 시간을 절약할 수 있습니다. MongoDB의 유연한 문서 데이터베이스와 Atlas Vector Search는 방대한 양의 데이터의 관리와 쿼리에 중요한 역할을 하며, 포괄적인 사이버 위험 인텔리전스를 제공하고자 하는 VISO TRUST의 사명을 지원합니다. Viso Trust 사례 연구에서 자세히 알아보세요. 시작하기 위한 단계 벡터 임베딩으로 인코딩된 자체 운영 데이터를 통해 보강된, LLM으로 구동되는 생성형 인공지능은 사이버 보안에 새로운 가능성을 열어 줍니다. 이러한 기술과 그 가능성에 대해 자세히 알아보려면 Atlas Vector Search Learning Byte 를 살펴보세요. 단 10분만에 다양한 사용 사례의 개요와 시작 방법을 확인할 수 있습니다. 1 1 Hill, M. (2023, April 10). 상당한 채용 노력에도 불구하고 사이버 보안 인력은 400만 명이 부족합니다. CSO.

March 13, 2024

Use a IA generativa e o MongoDB para enfrentar os maiores desafios da segurança cibernética

No cenário dinâmico da segurança cibernética, as organizações enfrentam uma série de desafios que exigem soluções inovadoras respaldadas por tecnologias de ponta. Um dos problemas mais urgentes é a crescente sofisticação das ameaças cibernéticas, como ataques de malware, ransomware e phishing, que estão se tornando mais difíceis de detectar e mitigar. Além disso, a rápida expansão das infraestruturas digitais ampliou a superfície de ataque, tornando mais difícil para as equipes de segurança monitorar e proteger todos os pontos de entrada e saída. Outro desafio significativo é a escassez de profissionais qualificados em segurança cibernética. Pesquisas independentes estimam que há apenas cerca de 4 milhões deles em todo o mundo, o que deixa muitas organizações vulneráveis a ataques. Esses desafios ressaltam a necessidade de tecnologias avançadas que possam aumentar os esforços humanos para proteger ativos e dados digitais. Como a IA generativa pode ajudar? A IA generativa surgiu como uma ferramenta poderosa para enfrentar esses desafios de segurança cibernética. Ao usar modelos de linguagem grande (LLMs) para gerar novos dados ou padrões com base em conjuntos de dados existentes, a IA generativa pode oferecer soluções inovadoras em várias áreas importantes: Detecção e resposta aprimoradas a ameaças A IA generativa pode ser usada para criar simulações de ameaças cibernéticas, incluindo ataques sofisticados de malware e phishing. Essas simulações ajudam no treinamento de modelos de machine learning para detectar com mais precisão ameaças novas e em evolução. Além disso, a IA generativa pode contribuir para o desenvolvimento de sistemas de resposta automatizados que reagem a ameaças em tempo real. A supervisão humana será sempre necessária, mas isso reduz a necessidade de intervenção e trabalho manual, permitindo uma atenuação mais rápida dos ataques. Por exemplo, com a supervisão adequada, a IA pode instalar automaticamente patches em sistemas vulneráveis ou ajustar as regras de firewall para bloquear vetores de ataque. Esse recurso de resposta rápida automatizada é particularmente valioso na atenuação de vulnerabilidades de dia zero, quando o período entre a descoberta de uma vulnerabilidade e sua exploração por invasores pode ser muito curta. Aprendizagens práticas com a análise post mortem de eventos de segurança Na sequência de um incidente de segurança cibernética, a realização de uma análise post mortem completa é fundamental para entender o que aconteceu, por que aconteceu e como eventos semelhantes podem ser evitados no futuro. A IA generativa pode desempenhar um papel fundamental nesse processo, sintetizando e resumindo dados complexos de várias fontes, como registros, tráfego de rede e alerta de segurança. Ao analisar esses dados, a IA generativa identifica padrões e anomalias que possam ter contribuído para a violação de segurança e oferecem insights que podem ter sido ignorados por analistas humanos devido ao grande volume e à complexidade das informações. Além disso, ela pode gerar relatórios abrangentes que destacam as principais descobertas, fatores causais e vulnerabilidades em potencial, agilizando o processo post mortem. Esse recurso acelera o processo de recuperação e aprendizado, e também permite que as organizações implementem estratégias de correção mais eficazes, fortalecendo sua postura de segurança cibernética. Geração de dados sintéticos para treinamento de modelos profundos A falta de dados do mundo real para o treinamento de sistemas de segurança cibernética é um obstáculo significativo. A IA generativa pode criar conjuntos de dados sintéticos e realistas que espelham o tráfego de rede genuíno e o comportamento do usuário sem expor informações confidenciais. É possível usar esses dados sintéticos para treinar sistemas de detecção, melhorando sua precisão e eficácia sem comprometer a privacidade nem a segurança. Automatização da detecção de phishing O phishing continua sendo um dos vetores de ataque mais comuns. A IA generativa pode analisar padrões em e-mails e sites de phishing, gerando modelos que preveem e detectam tentativas de phishing com alta precisão. Ao integrar esses modelos a sistemas de e-mail e navegadores da web, as organizações podem filtrar automaticamente o conteúdo de phishing e protegendo os usuários contra possíveis ameaças. Resumo: as oportunidades e os riscos A IA generativa promete revolucionar as práticas de segurança cibernética com automatização de processos complexos, aprimoramento de detecção e de resposta a ameaças e apresentação de análises mais profundas das ameaças. À medida que a indústria continua integrando a IA generativa às estratégias de segurança cibernética, é crucial observar o uso ético dessa tecnologia e o potencial de uso indevido. No entanto, os benefícios que ela oferece no fortalecimento das defesas digitais são inegáveis, tornando-a uma ferramenta inestimável na batalha contínua contra as ameaças cibernéticas. Como o MongoDB pode ajudar? Com o MongoDB, suas equipes de desenvolvimento podem criar e implementar defesas cibernéticas robustas, corretas e diferenciadas em tempo real com mais rapidez e em qualquer escala. Para entender como o MongoDB faz isso, considere que a pilha de tecnologia de IA é composta por três camadas: A computação subjacente (GPUs) e os LLMs As ferramentas de ajuste fino dos modelos e as ferramentas de aprendizado e inferência no contexto em relação aos modelos treinados Os aplicativos de AI e as experiências relacionadas do usuário final O MongoDB opera na segunda camada da pilha. Ele permite que os clientes tragam seus próprios dados proprietários para qualquer LLM em execução em qualquer infraestrutura de computação para criar aplicativos de segurança cibernética orientados por IA generativa. O MongoDB é capaz de fazer isso porque adota a IA generativa para cuidar dos problemas mais complexos relacionados à segurança cibernética. O MongoDB Atlas unifica com segurança dados operacionais, dados não estruturados e dados vetoriais em uma plataforma multinuvem e totalmente gerenciada, evitando a necessidade de copiar e sincronizar dados entre diferentes sistemas. A arquitetura baseada em documentos do MongoDB também permite que as equipes de desenvolvimento modelem com facilidade relacionamentos entre os dados do seu aplicativo e as incorporações de vetores. Isso permite análises e insights mais profundos e rápidos dos dados relacionados à segurança. Figura 1: o MongoDB Atlas reúne todos os serviços de dados necessários para criar aplicativos modernos de segurança cibernética em uma API unificada e uma plataforma de dados para desenvolvedores. A arquitetura aberta do MongoDB é integrada a um rico ecossistema de estruturas de desenvolvedores de AI, LLMs e provedores de incorporação. Combinado com nossos recursos de estrutura multinuvem líderes do setor, isso permite que sua equipe de desenvolvimento tenha flexibilidade para agir com rapidez e impedir que sua empresa fique presa a um determinado fornecedor de nuvem ou tecnologia de IA, o que representa uma vantagem importante em um mercado tão dinâmico. Confira nossa página de recursos de IA para saber mais sobre como criar aplicativos baseados em IA com o MongoDB. Como usar a IA generativa e o MongoDB em aplicativos reais de segurança cibernética Inteligência de ameaças A ExTrac usa a IA e o MongoDB Atlas para analisar dados de milhares de fontes e prever riscos à segurança pública. Inicialmente, a plataforma ajudava os governos de países ocidentais a prever conflitos, mas agora está se expandindo para prestar serviços a empresas, como gerenciamento de reputação e muito mais. O modelo de dados de documento do MongoDB permite que a ExTrac gerencie dados complexos com eficiência, aprimorando a identificação de ameaças em tempo real. O Atlas Vector Search ajuda a aumentar os modelos de linguagem e a gerenciar as incorporações de vetores para textos, imagens e vídeos, acelerando o desenvolvimento de recursos. Essa abordagem permite que a ExTrac modele tendências com eficiência, rastreie narrativas em evolução e preveja riscos para seus clientes, mas sem abrir mão da flexibilidade e do poder do MongoDB para lidar com dados de qualquer formato e estrutura. Saiba mais no nosso estudo de caso da ExTrac . Avaliações de segurança cibernética A VISO TRUST usa a IA para agilizar a avaliação de riscos cibernéticos de terceiros, tornando as informações complexas de segurança do fornecedor rapidamente acessíveis para uma tomada de decisão fundamentada. Com o Amazon Bedrock e o MongoDB Atlas, a plataforma VISO TRUST automatiza a devida diligência da segurança do fornecedor, reduzindo significativamente a carga de trabalho das equipes de segurança. Sua abordagem orientada por IA envolve inteligência de artefatos que classifica documentos de segurança, detecta organizações e prevê locais de controle de segurança em artefatos. O MongoDB Atlas hospeda texto incorporado para proporcionar um sistema de recuperação denso que aprimora a precisão dos LLMs com geração aumentada por recuperação ( RAG ), fornecendo percepções de segurança instantâneas e acionáveis. Esse uso inovador da tecnologia permite que a VISO TRUST ofereça avaliações de risco cibernético rápidas e dimensionáveis, com reduções significativas de trabalho e tempo para empresas como a InstaCart e a Upwork. O banco de dados de documentos flexível do MongoDB e o Atlas Vector Search desempenham papéis essenciais no gerenciamento e na consulta de grandes quantidades de dados, apoiando a missão da VISO TRUST de fornecer inteligência abrangente em riscos cibernéticos. Saiba mais no nosso estudo de caso da Viso Trust. Como dar os primeiros passos A IA generativa alimentada por LLMs aumentada com seus próprios dados operacionais codificados como incorporações vetoriais está abrindo muitas novas possibilidades no campo da segurança cibernética. Se quiser saber mais sobre a tecnologia e suas possibilidades, dê uma olhada no nosso learning byte sobre o Atlas Vector Search . Em apenas 10 minutos, você terá uma visão geral de diferentes casos de uso e como começar. 1 1 Hill, M. (2023, 10 de abril). A escassez de mão de obra em segurança cibernética atinge 4 milhões, apesar do significativo esforço de recrutamento. OSC.

March 13, 2024

Utilizzo della IA generativa e di MongoDB per affrontare le sfide più importanti della sicurezza informatica

Nel panorama in continua evoluzione della sicurezza informatica, le organizzazioni si trovano ad affrontare una moltitudine di sfide che richiedono soluzioni innovative che sfruttino tecnologie all'avanguardia. Uno dei problemi più urgenti è la crescente sofisticazione delle minacce informatiche, tra cui malware, ransomware e attacchi di phishing, che stanno diventando sempre più difficili da individuare e limitare. Inoltre, la rapida espansione delle infrastrutture digitali ha ampliato la superficie di attacco, rendendo più difficile per i team di sicurezza monitorare e proteggere ogni punto di ingresso e di uscita. Un altro problema importante è la carenza di professionisti qualificati nel campo della sicurezza informatica (che indagini indipendenti hanno stimato essere di circa 4 milioni di persone in tutto il mondo1) che lascia molte organizzazioni vulnerabili agli attacchi. Queste sfide sottolineano la necessità di tecnologie avanzate che possano coadiuvare nelle attività di protezione delle risorse e dei dati digitali. In che modo l'IA generativa può essere di aiuto? L'intelligenza artificiale generativa è emersa come un potente strumento per affrontare queste sfide legate alla sicurezza informatica. Sfruttando modelli linguistici di grandi dimensioni (LLM) per generare nuovi dati o modelli basati su set di dati esistenti, l'IA generativa può fornire soluzioni innovative in diverse aree chiave: Rilevamento e risposta alle minacce migliorati L'IA generativa può essere utilizzata per creare simulazioni di minacce informatiche, inclusi malware sofisticati e attacchi di phishing. Queste simulazioni possono aiutare ad addestrare i modelli di machine learning a rilevare minacce nuove e in evoluzione in modo più accurato. Inoltre, l'IA generativa può aiutare nello sviluppo di sistemi di risposta automatizzati che reagiscono alle minacce in tempo reale. Anche se questo non eliminerà mai la necessità di supervisione umana, ridurrà la necessità di interventi manuali, consentendo una mitigazione più rapida degli attacchi. Ad esempio, con la supervisione appropriata, può applicare automaticamente le patch ai sistemi vulnerabili o regolare le regole del firewall per bloccare i vettori di attacco. Questa capacità di risposta rapida automatizzata è particolarmente utile per mitigare le vulnerabilità zero-day, in cui la finestra temporale tra la scoperta di una vulnerabilità e il suo sfruttamento da parte degli aggressori può essere molto breve. Apprendimenti concreti tratti dai post-mortem relativi agli eventi di sicurezza All'indomani di un incidente di sicurezza, condurre un'accurata analisi di post-mortem è fondamentale per capire cosa è successo, perché è successo e come prevenire eventi simili in futuro. L'IA generativa può svolgere un ruolo fondamentale in questo processo, sintetizzando e riassumendo dati complessi provenienti da una moltitudine di fonti, tra cui log, traffico di rete e avvisi di sicurezza. Analizzando questi dati, l'IA generativa può identificare modelli e anomalie che potrebbero aver contribuito alla violazione della sicurezza, offrendo approfondimenti che potrebbero essere trascurati dagli analisti umani a causa dell'enorme volume e complessità delle informazioni. Inoltre, può generare report completi che evidenziano risultati chiave, fattori causali e potenziali vulnerabilità, semplificando la procedura di post-mortem. Questa capacità non solo accelera il processo di ripristino e apprendimento, ma consente anche alle organizzazioni di implementare strategie di rimedio più efficaci, rafforzando in definitiva la loro sicurezza informatica. Generazione di dati sintetici per l'addestramento approfondito dei modelli La carenza di dati reali per l'addestramento dei sistemi di sicurezza informatica rappresenta un ostacolo significativo. L'IA generativa può creare set di dati realistici e sintetici che rispecchiano il traffico di rete e il comportamento degli utenti reali senza esporre informazioni sensibili. Questi dati sintetici possono essere utilizzati per addestrare i sistemi di rilevamento, migliorandone l'accuratezza e l'efficacia senza compromettere la privacy o la sicurezza. Automatizzazione del rilevamento del phishing Il phishing rimane uno dei vettori di attacco più comuni. L'IA generativa è in grado di analizzare i modelli nelle e-mail e nei siti web di phishing, generando modelli che prevedono e rilevano i tentativi di phishing con elevata precisione. Integrando questi modelli nei sistemi di posta elettronica e nei browser web, le organizzazioni possono filtrare automaticamente i contenuti di phishing, proteggendo gli utenti da potenziali minacce. In sintesi: le opportunità e i rischi L'IA generativa promette di trasformare le pratiche di sicurezza informatica automatizzando processi complessi, migliorando il rilevamento e la risposta alle minacce e fornendo una comprensione più approfondita delle minacce informatiche. Mentre il settore continua a integrare l'intelligenza artificiale nelle strategie di sicurezza informatica, è fondamentale rimanere vigili sull'uso etico di questa tecnologia e sul suo potenziale abuso. Tuttavia, i vantaggi che offre nel rafforzare le difese digitali sono innegabili, rendendolo una risorsa inestimabile nella battaglia in corso contro le minacce informatiche. In che modo MongoDB può aiutare? Con MongoDB, i tuoi team di sviluppatori possono creare e implementare difese informatiche in tempo reale robuste, corrette e differenziate più velocemente e su qualsiasi scala. Per capire in che modo MongoDB è in grado di fare ciò, considera che lo stack tecnologico dell'IA comprende tre layer: L'elaborazione sottostante (GPU) e gli LLM Gli strumenti per mettere a punto i modelli insieme agli strumenti per l'apprendimento e l'inferenza contestuali rispetto ai modelli addestrati Le applicazioni di IA e le relative esperienze degli utenti finali MongoDB opera al secondo layer dello stack. Consente ai clienti di inserire i propri dati proprietari in qualsiasi LLM in esecuzione su qualsiasi infrastruttura informatica per creare applicazioni di sicurezza informatica basate sull'intelligenza artificiale. MongoDB lo fa affrontando i problemi più difficili quando si adotta l'IA generativa per la sicurezza informatica. MongoDB Atlas unifica in modo sicuro i dati operativi, i dati non strutturati e i dati vettoriali in un'unica piattaforma multi-cloud completamente gestita, evitando la necessità di copiare e sincronizzare i dati tra sistemi diversi. L'architettura basata su documenti di MongoDB consente inoltre ai team di sviluppo di modellare facilmente le relazioni tra i dati delle applicazioni e gli incorporamenti vettoriali. Ciò consente di effettuare analisi e approfondimenti più profondi e più rapidi sui dati relativi alla sicurezza. Figura 1: MongoDB Atlas riunisce tutti i servizi dati necessari per creare moderne applicazioni di sicurezza informatica in un'API unificata e una piattaforma dati per sviluppatori. L'architettura aperta di MongoDB è integrata con un ricco ecosistema di framework per sviluppatori di IA, LLM e fornitori di incorporamento. Questo, combinato con le nostre funzionalità multi-cloud leader del settore, offre ai tuoi team di sviluppo la flessibilità di muoversi rapidamente ed evitare di vincolarsi a qualsiasi particolare provider cloud o tecnologia IA in questo spazio in rapida evoluzione. Consulta la nostra pagina delle risorse sull'intelligenza artificiale per saperne di più sulla creazione di app basate sull'IA con MongoDB. Utilizzo dell'IA generativa e di MongoDB con le applicazioni di sicurezza informatica del mondo reale Intelligence sulle minacce ExTrac utilizza analisi basate sull'intelligenza artificiale e MongoDB Atlas per prevedere i rischi per la sicurezza pubblica analizzando i dati provenienti da migliaia di fonti. La piattaforma ha inizialmente aiutato i governi occidentali a prevedere i conflitti, ma si sta espandendo alle imprese per la gestione della reputazione e altro ancora. Il modello di dati documentali di MongoDB consente a ExTrac di gestire dati complessi in modo efficiente, migliorando l'identificazione delle minacce in tempo reale. Atlas Vector Search aiuta ad migliorare i modelli linguistici e a gestire gli incorporamenti vettoriali per testi, immagini e video, accelerando lo sviluppo delle funzionalità. Questo approccio consente a ExTrac di modellare in modo efficiente le tendenze, tenere traccia delle narrative in evoluzione e prevedere i rischi per i propri clienti, sfruttando la flessibilità e la potenza di MongoDB per gestire dati di qualsiasi forma e struttura. Scopri di più nel nostro case study di ExTrac . Valutazioni della sicurezza informatica VISO TRUST sfrutta l'IA per semplificare la valutazione dei rischi informatici di terze parti, rendendo rapidamente accessibili le complesse informazioni sulla sicurezza dei fornitori per un processo decisionale informato. Utilizzando Amazon Bedrock e MongoDB Atlas, la piattaforma di VISO TRUST automatizza la due diligence della sicurezza dei fornitori, riducendo in modo significativo il carico di lavoro per i team di sicurezza. Il suo approccio basato sull'intelligenza artificiale coinvolge l'intelligence sugli artefatti che classifica i documenti di sicurezza, rileva le organizzazioni e prevede le posizioni dei controlli di sicurezza all'interno degli artefatti. MongoDB Atlas ospita incorporamenti di testo per un denso sistema di recupero che migliora la precisione dei LLM attraverso la retrieval-augmented generation (RAG), fornendo insight sulla sicurezza immediati e fruibili. Questo uso innovativo della tecnologia consente a VISO TRUST di offrire valutazioni del rischio informatico rapide e scalabili, vantando significative riduzioni di lavoro e tempo per aziende come InstaCart e Upwork. Il database di documenti flessibile di MongoDB e Atlas Vector Search svolgono un ruolo fondamentale nella gestione e nell'interrogazione di grandi quantità di dati, supportando la missione di VISO TRUST di fornire un'intelligence completa sui rischi informatici. Scopri di più nel nostro case study di Viso Trust . Passaggi per iniziare L'IA generativa basata sugli LLM, potenziata con i tuoi dati operativi codificati come incorporamenti vettoriali, sta aprendo diverse nuove possibilità nella sicurezza informatica. Se vuoi saperne di più sulla tecnologia e sulle sue possibilità, dai un'occhiata al nostro Learning Byte su Atlas Vector Search . In soli 10 minuti, avrai una panoramica dei diversi casi d'uso e di come iniziare. 1 Hill, M. (10 aprile 2023). Cybersecurity workforce shortage reaches 4 million despite significant recruitment drive. CSO.

March 13, 2024

Utiliser l’IA générative et MongoDB pour relever les plus grands défis de la cybersécurité

Dans le paysage en constante évolution de la cybersécurité, les organisations sont confrontées à une multitude de défis qui exigent des solutions innovantes exploitant des technologies de pointe. L’un des problèmes les plus urgents est la sophistication croissante des cybermenaces, notamment les malwares, les ransomwares et les attaques de phishing, qui sont de plus en plus difficiles à détecter et à atténuer. En outre, l’expansion rapide des infrastructures numériques a élargi la surface d’attaque, rendant la surveillance et la protection de chaque point d’entrée et de sortie toujours plus difficile pour les équipes de sécurité. Un autre défi de taille est la pénurie de professionnels de la cybersécurité compétents. Selon des études indépendantes, celle-ci est estimée à environ 4 millions de personnes dans le monde, rendant de nombreuses organisations vulnérables aux attaques. Ces défis soulignent la nécessité de disposer de technologies de pointe capables de décupler les efforts humains pour sécuriser les actifs et les données numériques. Comment l’IA générative peut-elle aider ? L’IA générative est devenue un outil puissant pour répondre aux enjeux de la cybersécurité. En tirant parti des grands modèles de langage (LLM) pour générer de nouvelles données ou de nouveaux modèles basés sur des ensembles de données existants, l’IA générative peut fournir des solutions innovantes dans plusieurs domaines clés : Détection des menaces et réponse améliorées L’IA générative peut être utilisée pour créer des simulations de cybermenaces, y compris des malwares sophistiqués et des attaques de phishing. Ces simulations permettent d’entraîner des modèles de machine learning pour détecter plus précisément les menaces nouvelles et en évolution. De plus, l’IA générative peut contribuer au développement de systèmes de réponse automatisés qui réagissent aux menaces en temps réel. Même si la supervision humaine sera toujours nécessaire, elle permet de réduire les interventions manuelles et les tâches répétitives, et ainsi de réagir plus rapidement aux attaques. Par exemple, avec une supervision appropriée, il est possible d’automatiser l’application de correctifs aux systèmes vulnérables ou d’ajuster les règles de firewall pour bloquer les vecteurs d’attaque. Cette capacité de réponse rapide et automatisée est particulièrement précieuse pour atténuer les vulnérabilités zero-day, où le délai entre la découverte d’une vulnérabilité et son exploitation par des pirates peut être très court. Des enseignements exploitables tirés des analyses rétrospectives des événements de sécurité Après un incident de cybersécurité, il est essentiel de procéder à une analyse rétrospective approfondie pour comprendre ce qui s’est passé, pourquoi cela s’est passé et comment éviter des événements semblables à l’avenir. L’IA générative peut jouer un rôle central dans ce processus en synthétisant et en résumant des données complexes provenant d’une multitude de sources, notamment les journaux, le trafic réseau et les alertes de sécurité. En analysant ces données, l’IA générative permet d’identifier les modèles et les anomalies qui ont contribué à la faille de sécurité, offrant ainsi des informations qui pourraient être négligées par les analystes humains en raison du volume et de la complexité des données. En outre, l’IA générative peut générer des rapports complets mettant en évidence les principales conclusions, les facteurs causals et les vulnérabilités potentielles, rationalisant ainsi le processus d’analyse a posteriori. Cette capacité accélère non seulement le processus de récupération et d’apprentissage, mais permet également aux organisations de mettre en œuvre des stratégies correctives plus efficaces, renforçant ainsi leur posture de cybersécurité. Générer des données synthétiques pour l’entraînement de modèles d’apprentissage profond Le manque de données réelles pour l’entraînement des systèmes de cybersécurité est un obstacle important. L’IA générative peut créer des ensembles de données synthétiques réalistes qui reflètent le véritable trafic réseau et le comportement des utilisateurs sans exposer d’informations sensibles. Ces données synthétiques sont ensuite utilisées pour entraîner les systèmes de détection, améliorant ainsi leur précision et leur efficacité sans compromettre la protection de la vie privée ou la sécurité. Automatiser la détection du phishing Le phishing reste l’un des vecteurs d’attaque les plus courants. L’IA générative peut analyser les modèles présents dans les e-mails et les sites Web de phishing de façon à générer des modèles qui prédisent et détectent les tentatives de phishing avec une grande précision. En intégrant ces modèles dans les applications de messagerie et les navigateurs Web, les organisations peuvent filtrer automatiquement les contenus de phishing, protégeant ainsi les utilisateurs des menaces potentielles. En résumé : les opportunités et les risques L’IA générative promet de transformer les pratiques de cybersécurité en automatisant les processus complexes, en améliorant la détection et la réponse aux menaces et en fournissant une meilleure compréhension des cybermenaces. Alors que l’IA générative fait son chemin dans les stratégies de cybersécurité, il est essentiel de rester vigilant quant à l’utilisation éthique de cette technologie et aux risques d’utilisation abusive. Néanmoins, ses avantages en termes de renfort de la défense numérique sont indéniables, ce qui en fait un atout inestimable dans la lutte permanente contre les cybermenaces. En quoi MongoDB est-il utile ? Avec MongoDB, vos équipes de développement peuvent créer et déployer des cyberdéfenses en temps réel robustes, appropriées et différenciées plus rapidement, quelle que soit l’échelle. Pour comprendre comment procède MongoDB, considérez que la pile technologique de l’IA se compose de trois couches : Le calcul sous-jacent (les GPU) et les grands modèles de langage Les outils de réglage des modèles, d’apprentissage en contexte et d’inférence par rapport aux modèles entraînés Les applications d’IA et les expériences associées des utilisateurs finaux MongoDB intervient au niveau de la deuxième couche de la pile. Il permet d’alimenter les LLM exécutés sur n’importe quelle infrastructure informatique avec les données propriétaires des clients afin de créer des applications de cybersécurité basées sur l’IA générative. L’intégration de l’IA générative dans la cybersécurité permet ainsi à MongoDB de surmonter les problèmes les plus difficiles. MongoDB Atlas unifie les données opérationnelles, les données non structurées et les données vectorielles de manière sécurisée dans une plateforme multicloud unique et entièrement gérée. La copie et la synchronisation des données entre différents systèmes n’est donc plus nécessaire. L’architecture basée sur les documents de MongoDB permet également aux équipes de développement de modéliser facilement les relations entre les données de votre application et les représentations vectorielles continues. Cela permet de réaliser des analyses plus rapides et plus approfondies, et d’obtenir des informations précieuses sur les données de sécurité. Figure 1 : MongoDB Atlas rassemble tous les services de données nécessaires pour créer des applications de cybersécurité modernes dans une API unifiée et une plateforme de données pour les développeurs. L’architecture ouverte de MongoDB est intégrée à un riche écosystème de frameworks de développement rassemblant IA, LLM et fournisseurs d’intégration. Combinée à nos capacités multicloud de pointe, cette solution offre à vos équipes de développement la flexibilité nécessaire pour agir rapidement et évite de dépendre d’un seul fournisseur de cloud ou technologie IA dans un environnement en évolution rapide. Consultez notre page de ressources sur l'IA pour en savoir plus sur la création d'applications alimentées par l'IA avec MongoDB. Intégrer l’IA générative et MongoDB dans les applications de cybersécurité en situation réelle Renseignement sur les menaces ExTrac utilise des analyses basées sur l’IA et MongoDB Atlas pour prédire les risques pour la sécurité publique en analysant des données provenant de milliers de sources. Conçue à l’origine pour aider les gouvernements occidentaux à prévoir les conflits, la plateforme s’étend désormais aux entreprises pour la gestion de leur réputation, entre autres. Le modèle de données documentaire de MongoDB permet à ExTrac de gérer efficacement des données complexes, améliorant ainsi l’identification des menaces en temps réel. Atlas Vector Search aide à augmenter les modèles de langage et à gérer les représentations vectorielles continues pour les contenus texte, image et vidéo, accélérant ainsi le développement de caractéristiques. Cette approche permet à ExTrac de modéliser efficacement les tendances, de suivre l’évolution des narratifs et de prédire les risques pour ses clients, en tirant parti de la flexibilité et de la puissance de MongoDB pour gérer des données de tous formats et structures. Pour en savoir plus, consultez notre étude de cas ExTrac . Évaluations de cybersécurité VISO TRUST s’appuie sur l’IA pour rationaliser l’évaluation des risques cyber liés aux tiers, de façon à rendre les informations complexes sur la sécurité des fournisseurs rapidement accessibles et éclairer la prise de décision. En utilisant Amazon Bedrock et MongoDB Atlas, la plateforme de VISO TRUST automatise la procédure de vérification de la sécurité des fournisseurs, réduisant de manière significative la charge de travail des équipes de sécurité. Son approche basée sur l’IA s’appuie sur un système de renseignements sur les artefacts qui classifie les documents de sécurité, détecte les organisations et prédit les emplacements de contrôle de sécurité dans les artefacts. MongoDB Atlas héberge des représentations vectorielles continues de texte alimentant un système de récupération dense qui améliore la précision des LLM grâce à la génération augmentée de récupération (RAG), fournissant des informations de sécurité instantanées et exploitables. Cette utilisation innovante de la technologie permet à VISO TRUST de proposer des évaluations rapides et évolutives des risques cyber, offrant ainsi à des entreprises comme InstaCart et Upwork des gains de productivité importants. La base de données documentaire flexible de MongoDB et Atlas Vector Search jouent un rôle essentiel dans la gestion et l’interrogation de grandes quantités de données, soutenant la mission de VISO TRUST consistant à fournir des renseignements complets sur les risques cyber. Pour en savoir plus, consultez notre étude de cas Viso Trust . Étapes pour commencer L’IA générative alimentée par des LLM augmentés de vos propres données opérationnelles encodées sous forme de représentations vectorielles continues ouvre de nombreuses possibilités en matière de cybersécurité. Si vous souhaitez en savoir davantage sur la technologie et ses possibilités, consultez notre Learning Byte Atlas Vector Search . En seulement 10 minutes, vous aurez un aperçu des différents cas d’utilisation et découvrirez comment démarrer. 1 Hill, M. (10 avril 2023). La pénurie de main-d’œuvre dans la cybersécurité avoisine les 4 millions malgré une importante campagne de recrutement. CSO.

March 13, 2024

Uso de IA Generativa y MongoDB para enfrentar los mayores desafíos de la ciberseguridad

En el panorama en constante evolución de la ciberseguridad, las organizaciones enfrentan una multitud de desafíos que exigen soluciones innovadoras que aprovechen tecnologías de vanguardia. Uno de los problemas más apremiantes es la creciente sofisticación de las amenazas cibernéticas, incluidos el malware, el ransomware y los ataques de phishing, que son cada vez más difíciles de detectar y mitigar. Además, la rápida expansión de las infraestructuras digitales ha ampliado la superficie de ataque, lo que dificulta que los equipos de seguridad supervisen y protejan cada punto de entrada y salida. Otro reto importante es la escasez de profesionales cualificados en ciberseguridad que, según encuestas independientes, ronda los 4 millones de empleados en todo el mundo, lo que deja a muchas organizaciones vulnerables a los ataques. Estos desafíos subrayan la necesidad de tecnologías avanzadas que puedan aumentar los esfuerzos humanos para proteger los activos y datos digitales. ¿Cómo puede ayudar la IA Generativa? La IA Generativa (gen AI) se ha convertido en una poderosa herramienta para abordar estos desafíos de ciberseguridad. Al aprovechar los modelos de lenguaje grande (LLM) para generar nuevos datos o patrones basados en conjuntos de datos existentes, la IA generativa puede proporcionar soluciones innovadoras en varias áreas clave: Mejor detección y respuesta a amenazas La IA Generativa se puede utilizar para crear simulaciones de amenazas cibernéticas, incluidos sofisticados ataques de malware y phishing. Estas simulaciones pueden ayudar a entrenar modelos de aprendizaje automático para detectar amenazas nuevas y en evolución con mayor precisión. Además, la IA Generativa puede ayudar en el desarrollo de sistemas de respuesta automatizados que reaccionen a las amenazas en tiempo real. Aunque esto nunca eliminará la necesidad de supervisión humana, reducirá la necesidad de intervención manual y el trabajo, permitiendo una mitigación más rápida de los ataques. Por ejemplo, con la supervisión adecuada, puede aplicar automáticamente parches a sistemas vulnerables o ajustar las reglas del firewall para bloquear los vectores de ataque. Esta capacidad de respuesta rápida automatizada es particularmente valiosa para mitigar las vulnerabilidades del día cero, donde la ventana entre el descubrir una vulnerabilidad y aprovecharla por parte de los atacantes puede ser muy corta. Aprendizajes prácticos a partir del análisis del eventos de seguridad a posteriori Después de un incidente de ciberseguridad, realizar un análisis exhaustivo a posteriori es crucial para comprender qué sucedió, por qué sucedió y cómo se pueden prevenir eventos similares en el futuro. La IA Generativa puede desempeñar un papel fundamental en este proceso al sintetizar y resumir datos complejos de una multitud de fuentes, incluidos registros, tráfico de red y alertas de seguridad. Mediante el análisis de estos datos, la AI Generativa puede identificar patrones y anomalías que pueden haber contribuido a la violación de la seguridad, ofreciendo perspectivas que los analistas humanos podrían pasar por alto debido al gran volumen y complejidad de la información. Además, puede generar informes exhaustivos que ponen de relieve los hallazgos clave, los factores causantes y las vulnerabilidades potenciales, agilizando el proceso del análisis a posteriori. Esta capacidad no solo acelera el proceso de recuperación y aprendizaje, sino que también permite a las organizaciones implementar estrategias de reparación más efectivas, fortaleciendo en última instancia su postura de ciberseguridad. Generación de datos sintéticos para el entrenamiento profundo de modelos. La escasez de datos del mundo real para entrenar sistemas de ciberseguridad es un obstáculo importante. La IA Generativa puede crear conjuntos de datos sintéticos realistas que reflejen el tráfico de red genuino y el comportamiento de los usuarios sin exponer información sensible. Estos datos sintéticos se pueden utilizar para entrenar sistemas de detección, mejorando su precisión y efectividad sin comprometer la privacidad o la seguridad. Automatización de la detección de phishing El phishing sigue siendo uno de los vectores de ataque más comunes. La IA Generativa puede analizar patrones en correos electrónicos y sitios web de phishing, generando modelos que predigan y detecten intentos de phishing con alta precisión. Al integrar estos modelos en sistemas de correo electrónico y navegadores web, las organizaciones pueden filtrar automáticamente el contenido de phishing, protegiendo a los usuarios de posibles amenazas. Recapitulemos: las oportunidades y los riesgos La IA Generativa promete transformar las prácticas de ciberseguridad al automatizar procesos complejos, mejorar la detección y respuesta a amenazas y proporcionar una comprensión más profunda de las amenazas cibernéticas. A medida que la industria continúa integrando IA Generativa en las estrategias de ciberseguridad, es crucial permanecer atento al uso ético de esta tecnología y al potencial de uso indebido. Sin embargo, los beneficios que ofrece para fortalecer las defensas digitales son innegables, lo que lo convierte en un activo invaluable en la batalla en curso contra las amenazas cibernéticas. ¿Cómo ayuda MongoDB? Con MongoDB, sus equipos de desarrollo pueden construir e implementar defensas cibernéticas sólidas, correctas y diferenciadas en tiempo real más rápido y a cualquier escala. Para entender cómo MongoDB hace esto, considere que la pila de tecnología de IA comprende tres capas: La computación subyacente (GPU) y LLM Herramientas para el ajuste fino de los modelos y para el aprendizaje en contexto y la inferencia a partir de los modelos entrenados. Las aplicaciones de IA y las experiencias de usuario final relacionadas MongoDB opera en la segunda capa de la pila. Permite a los clientes aportar sus propios datos a cualquier LLM que se ejecute en cualquier infraestructura informática para crear aplicaciones de ciberseguridad impulsadas por IA. MongoDB hace esto abordando los problemas más difíciles al adoptar la IA Generativa para la ciberseguridad. MongoDB Atlas unifica de manera segura los datos operativos, los datos no estructurados y los datos vectoriales en una única plataforma cloud completamente administrada, evitando la necesidad de copiar y sincronizar datos entre diferentes sistemas. La arquitectura basada en documentos de MongoDB también permite a los equipos de desarrollo modelar fácilmente las relaciones entre los datos de sus aplicaciones y las incrustaciones vectoriales. Esto permite un análisis y una comprensión más profundos y rápidos de los datos relacionados con la seguridad. Figura 1: MongoDB Atlas reúne todos los servicios de datos necesarios para construir aplicaciones modernas de seguridad cibernética en una API unificada y una plataforma de datos para desarrolladores. La arquitectura abierta de MongoDB está integrada con un rico ecosistema de marcos de desarrollo de IA, LLM y proveedores de incrustación. Esto, combinado con nuestras capacidades multi-cloud líderes en la industria, permite a sus equipos de desarrollo la flexibilidad para moverse rápidamente y evitar el bloqueo a cualquier proveedor de cloud o tecnología de IA en particular en este espacio de rápida evolución. Consulte nuestra página de recursos de IA para obtener más información sobre cómo crear aplicaciones basadas en IA con MongoDB. Aplicación de IA Generativa y MongoDB a aplicaciones de ciberseguridad del mundo real Inteligencia frente a amenazas ExTrac utiliza análisis basados en IA y MongoDB Atlas para predecir los riesgos de la seguridad pública analizando datos de miles de fuentes. La plataforma ayudó inicialmente a los gobiernos occidentales a prever conflictos, pero se está extendiendo a las empresas para la gestión de la reputación y otras cuestiones. El modelo de datos de documento de MongoDB permite a ExTrac administrar datos complejos de forma eficaz, mejorando la identificación de amenazas en tiempo real. Atlas Vector Search ayuda a aumentar los modelos de lenguaje y administrar las incrustaciones vectoriales para textos, imágenes y videos, acelerando el desarrollo de características. Este enfoque permite a ExTrac modelar tendencias de manera eficiente, rastrear narrativas en evolución y predecir el riesgo para sus clientes, aprovechando la flexibilidad y el poder de MongoDB para manejar datos de cualquier forma y estructura. Obtenga más información en nuestro caso de éxito de ExTrac . Evaluaciones de seguridad cibernética VISO TRUST aprovecha la AI para agilizar la evaluación de los riesgos cibernéticos de terceros, haciendo que la información de seguridad compleja de los proveedores sea de fácil y rápido acceso para una toma de decisiones informada. Utilizando Amazon Bedrock y MongoDB Atlas, la plataforma de VISO TRUST automatiza la debida diligencia de la seguridad del proveedor, reduciendo significativamente la carga de trabajo para los equipos de seguridad. Su enfoque basado en IA implica inteligencia de artefactos que clasifica documentos de seguridad, detecta organizaciones y predice ubicaciones de control de seguridad dentro de los artefactos. MongoDB Atlas aloja incrustaciones de texto para un sistema de recuperación denso que mejora la precisión de las LLM a través de la generación aumentada de recuperación (RAG), proporcionando información de seguridad instantánea y procesable. Este uso innovador de la tecnología permite a VISO TRUST ofrecer evaluaciones de riesgos cibernéticos rápidas y escalables, con reducciones significativas en el trabajo y el tiempo para empresas como InstaCart y Upwork. La base de datos de documentos flexible de MongoDB y Atlas Vector Search desempeñan funciones críticas en la administración y consulta de grandes cantidades de datos, lo que respalda la misión de VISO TRUST de ofrecer inteligencia integral de riesgos cibernéticos. Obtenga más información en nuestro caso de éxito de Viso Trust . Pasos para comenzar La IA Generativa potenciada por los LLM aumentados con sus propios datos operativos codificados como incrustaciones vectoriales está abriendo muchas posibilidades nuevas en el ámbito de la ciberseguridad. Si desea obtener más información sobre esta tecnología y sus posibilidades, eche un vistazo a nuestro byte de aprendizaje Atlas Vector Search . En solo 10 minutos obtendrá una descripción general de los diferentes casos de uso y cómo empezar. 1 Hill, M. (10 de abril de 2023). A pesar de la importante campaña de contratación, la escasez de mano de obra en ciberseguridad alcanza los 4 millones. CSO.

March 13, 2024

Mit generativer KI und MongoDB die größten Herausforderungen der Cybersicherheit in Angriff nehmen

In der sich ständig weiterentwickelnden Landschaft der Cybersicherheit sehen sich Unternehmen mit einer Vielzahl von Herausforderungen konfrontiert, die innovative Lösungen erfordern, die sich modernste Technologien zunutze machen. Eines der dringlichsten Probleme ist die zunehmende Raffinesse von Cyber-Bedrohungen, einschließlich Malware, Ransomware und Phishing-Angriffen, die immer schwieriger zu erkennen und abzuwehren sind. Darüber hinaus hat der schnelle Ausbau digitaler Infrastrukturen die Angriffsfläche vergrößert, sodass es für Sicherheitsteams schwieriger wird, jeden Ein- und Ausgangspunkt zu überwachen und zu schützen. Eine weitere große Herausforderung ist der Mangel an qualifizierten Fachkräften im Bereich der Cybersicherheit, der nach unabhängigen Erhebungen weltweit auf etwa 4 Millionen Mitarbeiter geschätzt wird1. Diese Herausforderungen unterstreichen den Bedarf an fortschrittlichen Technologien, die die menschlichen Bemühungen zur Sicherung digitaler Werte und Daten ergänzen können. Wie kann generative KI helfen? Die generative KI (GenAI) hat sich als ein leistungsfähiges Werkzeug zur Bewältigung dieser Cybersicherheitsherausforderungen erwiesen. Durch den Einsatz von Large Language Models (LLMs) zur Generierung neuer Daten oder Muster auf der Grundlage vorhandener Datensätze kann generative KI innovative Lösungen in mehreren Schlüsselbereichen bieten: Verbesserte Bedrohungserkennung und -reaktion Generative KI kann verwendet werden, um Simulationen von Cyber-Bedrohungen zu erstellen, einschließlich ausgefeilter Malware- und Phishing-Angriffe. Diese Simulationen können beim Training von Machine-Learning-Modellen helfen, um neue und sich entwickelnde Bedrohungen genauer zu erkennen. Darüber hinaus kann die generative KI bei der Entwicklung automatisierter Reaktionssysteme helfen, die in Echtzeit auf Bedrohungen reagieren. Dies wird zwar die menschliche Aufsicht nicht überflüssig machen, aber es wird den Bedarf an manuellen Eingriffen und Mühen verringern, sodass Angriffe schneller abgewehrt werden können. Mit der entsprechenden Aufsicht kann es zum Beispiel automatisch Patches auf anfällige Systeme anwenden oder Firewall-Regeln anpassen, um Angriffsvektoren zu blockieren. Diese automatisierte schnelle Reaktionsfähigkeit ist besonders wertvoll bei der Abwehr von Zero-Day-Schwachstellen, bei denen das Zeitfenster zwischen der Entdeckung einer Schwachstelle und ihrer Ausnutzung durch Angreifer sehr kurz sein kann. Umsetzbare Erkenntnisse aus den Postmortems von Sicherheitsereignissen Nach einem Cybersicherheitsvorfall ist eine gründliche Postmortem-Analyse entscheidend, um zu verstehen, was passiert ist, warum es passiert ist und wie ähnliche Vorfälle in Zukunft verhindert werden können. Generative KI kann in diesem Prozess eine entscheidende Rolle spielen, indem sie komplexe Daten aus einer Vielzahl von Quellen, einschließlich Protokollen, Netzwerkverkehr und Sicherheitswarnungen, synthetisiert und zusammenfasst. Durch die Analyse dieser Daten kann GenAI Muster und Anomalien erkennen, die zu dem Sicherheitsverstoß beigetragen haben könnten. Sie bietet Einblicke, die von menschlichen Analysten aufgrund der schieren Menge und Komplexität der Informationen möglicherweise übersehen werden. Darüber hinaus können umfassende Berichte erstellt werden, die die wichtigsten Ergebnisse, ursächlichen Faktoren und potenziellen Schwachstellen hervorheben und so den Postmortem-Prozess optimieren. Diese Fähigkeit beschleunigt nicht nur den Wiederherstellungs- und Lernprozess, sondern versetzt Unternehmen auch in die Lage, effektivere Abhilfestrategien zu implementieren und so letztendlich ihre Cybersicherheit zu stärken. Generierung synthetischer Daten für das Training von Deep Models Der Mangel an realen Daten für das Training von Cybersicherheitssystemen ist eine große Hürde. Die generative KI kann realistische, synthetische Datensätze erstellen, die den echten Netzwerkverkehr und das Nutzerverhalten widerspiegeln, ohne sensible Informationen preiszugeben. Diese synthetischen Daten können zum Trainieren von Erkennungssystemen verwendet werden, um deren Genauigkeit und Effektivität zu verbessern, ohne den Datenschutz oder die Sicherheit zu beeinträchtigen. Automatisierung der Phishing-Erkennung Phishing ist nach wie vor einer der häufigsten Angriffsvektoren. Gen AI kann Muster in Phishing-E-Mails und Websites analysieren und Modelle erstellen, die Phishing-Versuche mit hoher Genauigkeit vorhersagen und erkennen. Durch die Integration dieser Modelle in E-Mail-Systeme und Webbrowser können Unternehmen Phishing-Inhalte automatisch herausfiltern und Benutzer vor potenziellen Bedrohungen schützen. Alles zusammen: Die Chancen und die Risiken Generative KI verspricht, die Cybersicherheitspraktiken zu verändern, indem sie komplexe Prozesse automatisiert, die Erkennung von und Reaktion auf Bedrohungen verbessert und ein tieferes Verständnis von Cyberbedrohungen ermöglicht. Während die Branche die Integration von GenAI in ihre Cybersecurity-Strategien vorantreibt, ist es wichtig, den ethischen Einsatz dieser Technologie und das Missbrauchspotenzial im Auge zu behalten. Nichtsdestotrotz sind die Vorteile, die es bei der Stärkung der digitalen Verteidigung bietet, unbestreitbar und machen es zu einem unschätzbaren Vorteil im laufenden Kampf gegen Cyber-Bedrohungen. Wie kann MongoDB helfen? Mit MongoDB können Ihre Entwicklungsteams robuste, korrekte und differenzierte Echtzeit-Cyber-Abwehrsysteme schneller und in beliebigem Umfang erstellen und einsetzen. Um zu verstehen, wie MongoDB dies tut, sollten Sie sich vergegenwärtigen, dass der KI-Technologie-Stack aus drei Schichten besteht: Die zugrunde liegenden Berechnungen (GPUs) und LLMs Werkzeuge für die Feinabstimmung von Modellen zusammen mit Werkzeugen für kontextbezogenes Lernen und Inferenz gegen die trainierten Modelle Die KI-Anwendungen und die damit verbundenen Endbenutzererfahrungen MongoDB arbeitet auf der zweiten Ebene des Stacks. Es ermöglicht Kunden, ihre eigenen Daten in jedes LLM einzubringen, das auf jeder Computerinfrastruktur läuft, um KI-gestützte Cybersicherheitsanwendungen zu entwickeln. MongoDB löst die schwierigsten Probleme bei der Einführung von KI für die Cybersicherheit. MongoDB Atlas führt operative Daten, unstrukturierte Daten und Vektordaten sicher in einer einzigen, vollständig verwalteten Multi-Cloud-Plattform zusammen und vermeidet so die Notwendigkeit, Daten zwischen verschiedenen Systemen zu kopieren und zu synchronisieren. Die dokumentenbasierte Architektur von MongoDB ermöglicht es Entwicklungsteams außerdem, Beziehungen zwischen Ihren Anwendungsdaten und Vektoreinbettungen einfach zu modellieren. Dies ermöglicht tiefere und schnellere Analysen und Einblicke in sicherheitsrelevante Daten. Abbildung 1: MongoDB Atlas vereint alle Datendienste, die für den Aufbau moderner Cybersicherheitsanwendungen benötigt werden, in einer einheitlichen API und Entwicklerdatenplattform. Die offene Architektur von MongoDB ist in ein reichhaltiges Ökosystem von KI-Entwickler-Frameworks, LLMs und Einbettungsanbietern integriert. In Kombination mit unseren branchenführenden Multi-Cloud-Fähigkeiten gibt dies Ihren Entwicklungsteams die Flexibilität, sich schnell zu bewegen und sich nicht auf einen bestimmten Cloud-Anbieter oder eine KI-Technologie in diesem sich schnell entwickelnden Bereich festzulegen. Auf unserer KI-Ressourcenseite erfahren Sie mehr über die Entwicklung von KI-gestützten Apps mit MongoDB. Anwendung von GenAI und MongoDB auf reale Cybersicherheitsanwendungen Bedrohungsdaten ExTrac nutzt KI-gestützte Analysen und MongoDB Atlas, um Risiken für die öffentliche Sicherheit durch die Analyse von Daten aus Tausenden von Quellen vorherzusagen. Die Plattform half zunächst westlichen Regierungen bei der Vorhersage von Konflikten, wird aber nun auch auf Unternehmen ausgeweitet, u. a. für das Reputationsmanagement. Das Dokumentdatenmodell von MongoDB ermöglicht es ExTrac, komplexe Daten effizient zu verwalten und die Identifizierung von Bedrohungen in Echtzeit zu verbessern. Atlas Vector Search hilft bei der Erweiterung von Sprachmodellen und der Verwaltung von Vektoreinbettungen für Texte, Bilder und Videos und beschleunigt so die Entwicklung von Funktionen. Mit diesem Ansatz ist ExTrac in der Lage, Trends effizient zu modellieren, Entwicklungen zu verfolgen und Risiken für seine Kunden vorherzusagen. Dabei nutzt es die Flexibilität und Leistungsfähigkeit von MongoDB, um Daten jeglicher Form und Struktur zu verarbeiten. Erfahren Sie mehr in unserer ExTrac-Fallstudie . Cybersec-Bewertungen VISO TRUST nutzt KI, um die Bewertung von Cyber-Risiken Dritter zu optimieren und komplexe Sicherheitsinformationen von Anbietern für eine fundierte Entscheidungsfindung schnell zugänglich zu machen. Durch die Verwendung von Amazon Bedrock und MongoDB Atlas automatisiert die Plattform von VISO TRUST die Due-Diligence-Prüfung der Sicherheit von Anbietern und reduziert so die Arbeitsbelastung der Sicherheitsteams erheblich. Der KI-gestützte Ansatz umfasst eine Artefaktintelligenz, die Sicherheitsdokumente klassifiziert, Organisationen erkennt und die Position von Sicherheitskontrollen innerhalb von Artefakten vorhersagt. MongoDB Atlas enthält Texteinbettungen für ein dichtes Retrievalsystem, das die Genauigkeit von LLMs durch Retrieval-Augmented Generation (RAG) verbessert und sofortige, umsetzbare Sicherheitserkenntnisse liefert. Diese innovative Technologie ermöglicht es VISO TRUST, schnelle, skalierbare Bewertungen von Cyber-Risiken anzubieten, die für Unternehmen wie InstaCart und Upwork einen erheblichen Arbeits- und Zeitgewinn mit sich bringen. Die flexible Dokumentendatenbank von MongoDB und Atlas Vector Search spielen eine entscheidende Rolle bei der Verwaltung und Abfrage der riesigen Datenmengen und unterstützen die Mission von VISO TRUST, umfassende Informationen über Cyberrisiken zu liefern. Erfahren Sie mehr in unserer Fallstudie zu Viso Trust . Schritte für den Einstieg Generative KI auf der Grundlage von LLMs, ergänzt durch Ihre eigenen operativen Daten, die als Vektoreinbettungen kodiert sind, eröffnet viele neue Möglichkeiten für die Cybersicherheit. Wenn Sie mehr über die Technologie und ihre Möglichkeiten erfahren möchten, werfen Sie einen Blick auf unser Lernbyte zur Atlas Vector Search . In nur 10 Minuten erhalten Sie einen Überblick über die verschiedenen Anwendungsfälle und wie Sie loslegen können. 1 Hill, M. (2023, 10. April). Cybersecurity Arbeitskräftemangel erreicht 4 Millionen trotz erheblicher Einstellungsbemühungen. CSO.

March 13, 2024

Using Generative AI and MongoDB to Tackle Cybersecurity’s Biggest Challenges

This post is also available in: Deutsch , Français , Español , Português , Italiano , 한국어 , 简体中文 . In the ever-evolving landscape of cybersecurity, organizations face a multitude of challenges that demand innovative solutions harnessing cutting-edge technologies. One of the most pressing issues is the increasing sophistication of cyber threats, including malware, ransomware, and phishing attacks, which are becoming more difficult to detect and mitigate. Additionally, the rapid expansion of digital infrastructures has widened the attack surface, making it harder for security teams to monitor and protect every entry and egress point. Another significant challenge is the shortage of skilled cybersecurity professionals — estimated by independent surveys to number around 4 million staff worldwide 1 — which leaves many organizations vulnerable to attack. These challenges underscore the need for advanced technologies that can augment human efforts to secure digital assets and data. How can generative AI help? Generative AI (gen AI) has emerged as a powerful tool in addressing these cybersecurity challenges. By leveraging large language models (LLMs) to generate new data or patterns based on existing datasets, generative AI can provide innovative solutions in several key areas: Enhanced threat detection and response Generative AI can be used to create simulations of cyber threats, including sophisticated malware and phishing attacks. These simulations can help in training machine learning models to detect new and evolving threats more accurately. Furthermore, gen AI can aid in the development of automated response systems that react to threats in real time. While this will never eliminate the need for human oversight, it will reduce the need for manual intervention and toil, allowing for quicker mitigation of attacks. For example, with the appropriate oversight it can automatically apply patches to vulnerable systems or adjust firewall rules to block attack vectors. This automated rapid response capability is particularly valuable in mitigating zero-day vulnerabilities, where the window between the discovery of a vulnerability and its exploitation by attackers can be very short. Actionable learnings from security event postmortems In the aftermath of a cybersecurity incident, conducting a thorough postmortem analysis is crucial for understanding what happened, why it happened, and how similar events can be prevented in the future. Generative AI can play a pivotal role in this process by synthesizing and summarizing complex data from a multitude of sources, including logs, network traffic, and security alerts. By analyzing this data, gen AI can identify patterns and anomalies that may have contributed to the security breach, offering insights that might be overlooked by human analysts due to the sheer volume and complexity of the information. Furthermore, it can generate comprehensive reports that highlight key findings, causative factors, and potential vulnerabilities, streamlining the postmortem process. This capability not only accelerates the recovery and learning process but also enables organizations to implement more effective remediation strategies, ultimately strengthening their cybersecurity posture. Generating synthetic data for deep model training The shortage of real-world data for training cybersecurity systems is a significant hurdle. Gen AI can create realistic, synthetic data sets that mirror genuine network traffic and user behavior without exposing sensitive information. This synthetic data can be used to train detection systems, improving their accuracy and effectiveness without compromising privacy or security. Automating phishing detection Phishing remains one of the most common attack vectors. Gen AI can analyze patterns in phishing emails and websites, generating models that predict and detect phishing attempts with high accuracy. By integrating these models into email systems and web browsers, organizations can automatically filter out phishing content, protecting users from potential threats. Putting it all together: The opportunities and the risks Generative AI holds the promise of transforming cybersecurity practices by automating complex processes, enhancing threat detection and response, and providing a deeper understanding of cyber threats. As the industry continues to integrate gen AI into cybersecurity strategies, it's crucial to remain vigilant about the ethical use of this technology and the potential for misuse. Nevertheless, the benefits it offers in strengthening digital defenses are undeniable, making it an invaluable asset in the ongoing battle against cyber threats. How does MongoDB help? With MongoDB, your development teams can build and deploy robust, correct, and differentiated real-time cyber defenses faster, and at any scale. To understand how MongoDB does this, consider that the the AI technology stack comprises three layers: The underlying compute (GPUs) and LLMs The tooling to fine-tune models along with the tooling for in-context learning and inference against the trained models The AI applications and related end-user experiences MongoDB operates at the second layer of the stack. It enables customers to bring their own proprietary data to any LLM running on any computing infrastructure to build gen AI-powered cybersecurity applications. MongoDB does this by addressing the hardest problems when adopting gen AI for cybersecurity. MongoDB Atlas securely unifies operational data, unstructured data, and vector data in a single, fully managed multi-cloud platform, avoiding the need to copy and sync data between different systems. MongoDB’s document-based architecture also allows development teams to easily model relationships between your application data and vector embeddings. This allows deeper and faster analytics and insights against security-related data. Figure 1: MongoDB Atlas brings together all of the data services needed to build modern cyber security applications in a unified API and developer data platform. MongoDB’s open architecture is integrated with a rich ecosystem of AI developer frameworks, LLMs, and embedding providers. This, combined with our industry-leading multi-cloud capabilities, allows your development teams the flexibility to move quickly and avoid lock-in to any particular cloud provider or AI technology in this rapidly evolving space. Check out our AI resource page to learn more about building AI-powered apps with MongoDB. Applying gen AI and MongoDB to real world cybersecurity applications Threat intelligence ExTrac utilizes AI-powered analytics and MongoDB Atlas to predict public safety risks by analyzing data from thousands of sources. The platform initially helped Western governments foresee conflicts but is expanding to enterprises for reputational management and more. MongoDB's document data model allows ExTrac to manage complex data efficiently, enhancing real-time threat identification. Atlas Vector Search aids in augmenting language models and managing vector embeddings for texts, images, and videos, speeding up feature development. This approach enables ExTrac to efficiently model trends, track evolving narratives, and predict risk for its customers, leveraging the flexibility and power of MongoDB to handle data of any shape and structure. Learn more in our ExTrac case study . Cybersec assessments VISO TRUST leverages AI to streamline the assessment of third-party cyber risks, making complex vendor security information quickly accessible for informed decision-making. Utilizing Amazon Bedrock and MongoDB Atlas, VISO TRUST's platform automates the due diligence of vendor security, significantly reducing the workload for security teams. Its AI-powered approach involves artifact intelligence that classifies security documents, detects organizations, and predicts security control locations within artifacts. MongoDB Atlas hosts text embeddings for a dense retrieval system that enhances the accuracy of LLMs through retrieval-augmented generation (RAG), providing instant, actionable security insights. This innovative use of technology enables VISO TRUST to offer rapid, scalable cyber risk assessments, boasting significant reductions in work and time for enterprises like InstaCart and Upwork. MongoDB's flexible document database and Atlas Vector Search play critical roles in managing and querying the vast amounts of data, supporting VISO TRUST's mission to deliver comprehensive cyber risk intelligence. Learn more in our Viso Trust case study . Steps to get started Generative AI powered by LLMs augmented with your own operational data encoded as vector embeddings is opening up many new possibilities in cyber security. If you want to learn more about the technology and its possibilities, take a look at our Atlas Vector Search learning byte . In just 10 minutes you’ll get an overview of different use cases and how to get started. 1 Hill, M. (2023, April 10). Cybersecurity workforce shortage reaches 4 million despite significant recruitment drive . CSO.

March 13, 2024

Building AI With MongoDB: How GoBots AI for E-commerce Increases Retailer Sales Conversion by 40%

Major retail brands have long been using various forms of AI, for example statistical analysis and machine learning models, to better serve their customers. But with its high barriers to entry, one key channel has been slower to embrace the technology. By connecting large and small brands with customers, e-commerce marketplaces such as Amazon, Mercado Libre, and Shopify are among the fastest growing retail routes to market. Since 2016, GoBots has been working to extend the benefits of AI to any retailer on any marketplace. It uses AI, analytics, and MongoDB Atlas to make e-commerce easier, more convenient, and smarter for brands serving Latin America. “We are building an AI-driven customer service platform that revolutionizes e-commerce experiences,” says Victor Hochgreb, Co-Founder and CEO of GoBots. “Our solution makes the benefits of AI available to any retailer, whether large or small. With our GoBots natural language understanding (NLU) model, retailers automate customer interactions such as answering questions and resolving issues through intelligent assistants. At the same time, they leverage data analytics to offer personalized customer experiences.” Hochgreb goes on to say, “GoBots increases engagement and conversion rates for over 600 clients across Latin America, including Adidas, Bosch, Canon, Chevrolet, Dell, Electrolux, Hering, HP, Nike, and Samsung.” Check out our AI resource page to learn more about building AI-powered apps with MongoDB. Figure 1: GoBots NLU AI models analyze customer questions and issues, providing human-like answers in seconds Exploring GoBot's AI stack GoBots’ custom NLU models are built using the Rasa framework. Hochgreb says, “We have a neural network trained on over 150 million question-answer examples and more than 50 bots — specialists in different segments — to understand more specific questions.” Models are fine tuned with data from the retailer's own product catalog and website corpus. The model runtime is powered by a PyTorch microservice on Google Cloud . The larger GoBots platform is built with Kotlin and orchestrated by Kubernetes, providing the company with cloud freedom as its business expands and evolves. Figure 2: GoBots question processing architecture The GoBots AI assistants kick into action as soon as a customer asks a question on the marketplace site, with the questions stored in MongoDB Atlas . GoBots’ natural language models are programmatically called via a REST API to perform tasks like named entity recognition (NER), user intent detection, and question-answer generation with all inferences also stored in MongoDB. If the models are able to generate an answer with high confidence, the GoBots service will respond directly to the customer in real time. In case of a low confidence response, the models flag the question to a customer service representative who receives a pre-generated suggested response. They can then verify the response and reply to the customer. Increasingly the company’s engineers are also evaluating the capabilities of large language models (LLMs) to respond to customer questions. It is testing both commercial models from OpenAI as well as open source models such as Llama-2 and Mixtral hosted on Hugging Face. With all question-answer pairs from the different models written to the MongoDB Atlas database, the data is used to further tune the natural language models while also guiding model evaluations. The company has also recently started using Atlas Vector Search to identify and retrieve semantically similar answers to past questions. The search results power a co-pilot-like experience for customer service representatives and provide in-context training to its fleet of LLMs. Having our source data and metadata stored and synced side by side with our vector embeddings dramatically accelerates how quickly my developers build with AI. It also improves the quality of the outputs we return to customers, driving higher conversions and customer satisfaction. Victor Hochgreb, Co-Founder and CEO of GoBots Why MongoDB? With the power of MongoDB’s developer data platform and flexibility of MongoDB’s document model, GoBots builds higher-performing AI-powered applications faster: MongoDB Atlas provides a single data platform that serves multiple operational and AI use cases. This includes user data and product catalogs as well as a store for AI model inferences, outputs of multiple AI models for experimentation and evaluation purposes, a data source for fine-tuning models, and for vector search. The company is evaluating the use of Atlas Triggers for invoking AI model API calls in an event-driven manner as the underlying data changes. The field of natural language processing is rapidly progressing with new AI models released all the time. Finding the right AI model for a use case that balances the performance-price tradeoff requires experimentation on historical data. The flexibility provided by MongoDB’s document model allows the development team to continually enrich historical questions with outputs generated by different models and compare the results. This means that they are not blocked behind complex schema changes that would otherwise slow down the pace of harnessing new data in their models for training and inference. The question-answer pairs output by the company’s NLU models and LLMs are complex data structures with many nested entities and arrays. Being able to persist these directly to the database without first having to transform them into a tabular structure improves developer productivity and reduces application latency. It was this flexibility that was behind the decision to use MongoDB from the outset. “We were building fast, continually testing new features to scale what worked and kill what didn’t,” says Hochgreb. “Only MongoDB provided the developer ease of use and flexibility to meet my time-to-market demands”. The company initially ran MongoDB itself before upgrading to MongoDB Atlas in 2019. “The company was growing fast and I wanted to focus my engineering team on building, not operating. That is exactly what Atlas and its managed service enabled us to do,” says Hochgreb. “With Atlas we were able to maintain high uptime in the face of constant service scaling, with deep monitoring and observability into our platform. In the first year of running in MongoDB Atlas we were able to avoid hiring a full-time infrastructure engineer, and instead redirected the resource into my development team, building new customer features.” GoBots has been able to expand MongoDB usage to deliver even higher value features in its platform over time. It uses MongoDB’s app-driven intelligence to power dashboards that help retailers track questions and complaints, identify opportunities, measure marketing activities, and optimize the customer journey across the marketplace. Its adoption of Atlas Vector Search is the latest example of how the company is expanding application functionality without losing the benefits of building and running on the single, unified Atlas developer data platform. Figure 3: Real-time analytics provide retailers with instant insights to better serve their customers and grow revenue. The results and what's next By working with hundreds of customers running on Latin America’s largest marketplaces, GoBots has built a compelling track record of achievement: By using GoBots AI for ecommerce with MongoDB Atlas, customers have grown sales conversions by 40% and reduced time to customer response by 72%. Looking forward, GoBots adoption of generative AI and vector search will further drive results across the retail marketplace experience. Being part of MongoDB’s AI Innovators Program provides GoBots with free Atlas credits along with access to live technical reviews, helping the company de-risk AI developments. If you are building your own AI-powered apps, apply for the program and take MongoDB Atlas for a spin. It's the quickest way to see why retailers around the world use MongoDB .

March 6, 2024

Building AI With MongoDB: Story Tools Studio Brings Gen AI To Gaming With Myth Maker AI

Story Tools Studio harnesses cutting-edge generative AI (gen AI) technologies to craft immersive, personalized, and infinite storytelling experiences.​​​ Roy Altman, Founder and CEO at Story Tools Studio says, “Our flagship game Myth Maker AI leverages MUSE, an internally developed AI-powered, expert-guided story generator that blends a growing collection of advanced AI technology with creative artistry to weave real time narratives.” The company’s founders have backgrounds in stage, film, and video production, and both share a deep love of gaming. When ChatGPT first launched, they immediately recognized an opportunity to redefine gaming experiences. And so Story Tools Studio and its MUSE engine were born. MUSE (Modular User Story Engine) combines professionally crafted stories with user-empowered experiences. Players make intentional choices that guide the story with AI adapting to each decision in real time, providing a unique and personalized journey. MUSE separates the story from game mechanics, allowing the development of multiple game types. Its use of AI creates more agile teams with fewer dependencies. Generating gameplay with AI When a player starts a game in Myth Maker AI , they are presented with the option to choose their starting hero character. Under the covers, MUSE calls the GPT4 API, which takes the player’s selection and writes a fully customized adventure premise. From that initial personalized script, MUSE programmatically calls specialized AI models to collaboratively generate an immersive, multimodal gaming experience using images, animation, audio, and soon, video and 3D. Figure 1:   MUSE orchestrates multimodel genAI to create real time, unlimited stories Altman says, “For story generation and text to voice, we run mainly in Azure’s OpenAI service. Visual assets are created via Leonardo AI, and we are constantly experimenting with new models to create richer modalities. Right now my team is working on generating enhanced 3D assets and video from text prompts. With the pace of AI advancement, the creativity of my team, and the input from our game testers, we are continuously deploying new features. And MongoDB with its dynamic and flexible document data model gives my developers the freedom to do that. This enables us to build a truly innovative, artistic platform, opening up a whole new world of experiences for both creators and audiences alike.” By selecting MongoDB, we were able to create a prototype of our game in just 48 hours. It is only with MongoDB that we can release new features to production multiple times per day. We couldn’t achieve any of this with a relational database. Roy Altman, Founder and CEO at Story Tools Studio AI, transactions, and analytics with MongoDB Altman’s engineering team has used MongoDB Atlas from the very start of the company. MongoDB stores all of the data used in the platform — user data, scripts, characters, worlds, coins, and prompts are all richly structured objects stored natively in MongoDB. The games are built in React and Javascript. Beyond gameplay, the company’s developers are now exploring MongoDB’s ACID transactional integrity to support in-game monetization, alongside in-app intelligence to further improve the gaming experience through player analytics. “By running MongoDB in Atlas, my engineering team is free to focus on AI-driven gaming experiences, and not on the grind of managing a database,” says Altman. “MongoDB has scaled seamlessly and automatically as we’ve graduated from our closed beta into public beta today. Every 24 hours we are organically adding dozens of new players with tens of gigabytes of new data streaming into the platform. We expect this to grow quickly when we kick off our marketing campaigns.” What's next? Myth Maker AI is just the start. Story Tools Studio has plans for multiple games in the next 12 to 18 months. At the same time MUSE is an extensible platform — the company is also looking to explore content generation outside of gaming in areas such as education and training. Story Tools Studio is a member of the MongoDB AI Innovators program providing it with access to Atlas credits and technical best practices, allowing its engineers to freely explore what’s possible with gen AI and MongoDB. You can get started with your AI-powered apps by registering for MongoDB Atlas and exploring the tutorials available in our AI resources center . You can also learn more about why the world’s largest games run on MongoDB .

February 27, 2024