“`html
His determination:
Context prevails
Essentially, whoever can perceive the most about the target and can retain that image in their mind most effectively will excel at identifying vulnerabilities the quickest and exploiting them. Alternatively, as the defender, implementing patches or remedies promptly.
Moreover, when you’re on the inside, you understand what the applications perform. You recognize what is crucial and what is trivial. You can leverage all that insider insight to address issues—ideally before the adversaries exploit them.
Overview and forecast
- Attackers will maintain the upper hand for 3-5 years. For less sophisticated defense teams, this period will stretch considerably longer.
- After that timeframe, AI/SPQA will gain the extra internal context needed to provide Defenders with the upper hand.
LLM technology is far from being equipped to manage the context of an entire organization at this moment. This is why it will take 3-5 years for authentic AI-enhanced Blue to materialize.
In the interim, Red will be capable of utilizing publicly accessible context from OSINT, Recon, etc. to enhance their assaults.
I concur.
Incidentally, this illustrates the SPQA framework.
“`