No-code security automation platform Blink Ops today announced the launch of Blink Copilot, a generative artificial intelligence assistant designed to generate cloud security operations workflows on-demand. 

The solution, based on LLMs provided by Microsoft Corp., Google LLC’s Bard and OpenAI LP, has been trained on thousands of security workflows so that it can automatically generate no-code workflows and automate cloud security, incident response, identity and access management, threat hunting, and governance, risk management and compliance tasks when prompted. 

“With over 3.4 million security jobs open, security automation is the only way for organizations to defend against the massive volume of attacks enterprises face on a daily basis,” Gil Barak, co-founder and chief executive of Blink Ops, said in an exclusive interview with SiliconANGLE. “For the first time in history, generative AI gives teams the ability to create security workflows using simple text prompts, significantly reducing the barrier to automating new workflows,” Barak said.

More broadly, the release of Blink Copilot demonstrates that generative AI has a significant role to play in streamlining the development of automated SecOps workflows in the modern security operation center. 

Using LLMs to optimize SecOps workflows

The announcement comes as security teams are under increasing pressure to do more with less, with 62% of security professionals reporting their teams are understaffed amid the ongoing cyber skills gap. Generative AI has the potential to ease the burden on these security teams by enabling security teams to develop security operations playbooks at speed without any coding expertise. 

For example, a user can enter a prompt such as “contain phishing email” and generate a workflow that automatically identifies and contains phishing emails by adding them to a spam folder and issuing a notification via Slack. 

Likewise, entering “scan for virus” generates a workflow security operations center teams can use to scan files for viruses with VirusTotal and Hybrid Analysis. So far, Barak claims, Blink Ops’ internal security team has created more than 6,000 automation workflows using the solution. 

Reviewing generative AI in the security market

Since its founding in 2021, BlinkOps has generated significant interest among investors, raising $26 million in funding, and creating a vast library of thousands of cloud operations and security playbooks. 

BlinkOps adoption of generative AI has the potential to increase the organizations growth and demonstrate a disruptive approach to workflow automation. But it’s important to note the organization isn’t the only company that’s been experimenting with LLMs in a security context. 

Back in March, Microsoft announced the release of Security Copilot, a GPT-4 AI assistant for security teams. It processes threat signals and generates a written summary of priority risks for analysts to respond to. 

Similarly, in April, Google Cloud announced the release of Security AI Workbench and its specialized security LLM, Sec-PaLM. It not only processes proprietary threat intelligence from Google and and its Mandiant unit to identify malicious activity, but it also has the ability to automate incident response tasks. 

However, what differentiates Blink Copilot from these competitors is its focus on workflow automation, rather than processing threat signals or threat intelligence.

“Other security copilots like Sentinel One Purple AI, Microsoft Security Copilot and Google SecPaLM, enable you to ask and answer questions using text prompts, but do not create actionable workflows that are useful outside of the target platform,” Barak said.

Photo: Blink Ops