I STOPPED LOOKING FOR THE SECRET PROMPT

For a while I thought the secret was the prompt.

If I just said the right thing in the right way that I would get what I wanted. My early adoption of using AI tools was often frustrating, but sometimes exciting, until I changed my approach.

I had a decade of unfinished creative work, a professional identity that had drifted, and felt like there were recurring patterns in my life that I had become blinded to seeing. I used a Large Language Model (LLM) to interpret the way that I used language. I uploaded samples of my written work over a period of time; I asked it to question me about my values, virtues and vision. I wanted to see if I could uncover consistent patterns, recurring themes or frameworks across different eras of my life or industries that I have worked in or different creative projects.

What came back was reductionistic but also clarifying. My personal point of view has largely been developed across spiritual beliefs, family culture, visual art, cybersecurity, DIY culture, and systems thinking. This is a very narrow view of what the world. The AI primarily reflected back from this context and so I kept pushing. I asked it to go deeper and look for my patterns of thinking in other cultures and other times. Now I had new areas to explore, new things to learn, new connections to make.

That’s when I understood how I was using these tools. I don’t desire to use them as thinking machines but as reflective surfaces. My definition of creativity is simple : making connections. In my personal creative process, one thing I seek is to connect what I learn to what I know while remaining flexible to understand when what I know needs refinement. While using these tools I felt that I could visualize my creative process.

I asked it how to build an agent that could help me iterate through ideas and it helped me to build a multi-agentic creative council based on my personal philosophical framework. Once this agent was developed I was able to move between multiple models and products and found the value stayed consistent — because the value was never in the tool. I shipped creative work after a ten year drought and then I kept producing. None of that happened because the AI was powerful. It happened because I showed up with enough accumulated depth to use a reflective surface well.

AI doesn’t have to be part of this type of work for you at all.

People have always accessed this kind of clarity through reading deeply, through meditation, through sustained writing practice, through being in nature, through observation, through making things with their hands. The through line in all of those is the same. You are doing the work of developing a mind worth amplifying. The tool just extends your reach.

What I’m watching in the AI adoption conversation concerns me. The focus is almost entirely on the capability of the tools. Very little of it is about the capability of the people using them. We are building governance frameworks, training programs, and organizational strategies around what AI can do. That inversion will cost us something. AI isn’t just a reflective surface it is an amplifier. A powerful amplifier with nothing worth amplifying just makes a lot of noise. I don’t want more noises, I’d rather hear voices. I want to hear what you have to say.

Cyber Diversity Framework

 I was invited to speak at DEF CON 29 this year. I presented at the inaugural Blacks In Cybersecurity village. The video is below.

The talk that I gave was about a framework that i use to get things done in my life. I call it the Cyber Diversity Framework and it derived from systems thinking/risk management framework/design thinking. The idea of the framework is to examine barriers to increasing diversity in cybersecurity.

•        Empathize and discover patterns of behavior.

                                        What do they need?

 

•        Align your focus.

How can I help?

 

•        Ideate and design solutions.

      What does change look like?

 

•        Model and assess together.

How does my thinking need to transform?

 

•        Deploy the best model.

      What works? What doesn't work? 

For example. You are looking to enter the tech industry and you want an entry-level job in information security. You browse job postings. Empathize - What need does the job posting state? Align - What transferable skills do you have to meet the need? Ideate - What are ways to demonstrate those skills in your resume? Model - What gaps do you have and how can you address them. Deploy - Submit your targeted resume and develop stories that illustrate how you can meet the needs.

This talk gives more detail to the process and why I feel that this is so important at this time.

If you have questions or comments please reach out to me.

The slides are available on my Github repository. 

How to use MITRE ATT&CK heat maps to enrich your Security Operations

I find cyber threat intelligence fascinating and I wanted to find a way to use it to enhance our security operations. Previous efforts to use threat feeds had been frustrating as there were a lot of false positives and very little context. Last year at DerbyCon I learned about the MITRE ATT&CK framework and I’ve been searching for ways to leverage it in our environment. MITRE ATT&CK is a knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base can be utilized as a foundation for the development of specific threat models and methodologies to detect and defend against cyber adversaries.

Tactics are what attackers are trying to achieve (such as maintaining persistence and undetected presence in your environment). A technique is a specific behavior to achieve a goal and is often a single step in a string of activities employed to complete the attacker’s overall mission. The ATT&CK website provides many details about each technique including a description, examples, references, and suggestions for mitigation and detection.

I created a heat map based on the following groups which have been known to target defense, manufacturing and aviation industries:

• APT17

• APT19

• APT33

• Deep Panda

• Gallmaker

• Leviathan

• menuPass

• Threat Group-3390

• Turla

The MITRE ATT&CK Navigator tool can be found at https://github.com/mitre-attack/attack-navigator.

Scores were assigned to each technique and the score would increase if it was used by more than one adversary. I was advised by other threat analysts that a single color with a gradient would be more effective than utilizing a multicolor scheme like a traffic light protocol.

My initial thought was that this color-coded heat map would make a good visual and it could be used to better communicate our defense priorities. In this particular iteration, we found that process monitoring and file monitoring were two of our top priorities to defend against this set of adversaries.

Now that I had this representation I went through each technique and made a list of the log sources that could be analyzed to see instances of the technique in our enterprise. My team worked together to determine if we had gaps in our visibility of these techniques. Our goal was not to block any of these techniques because a number of them are legitimate processes that can be used maliciously. Our primary focus was on tactics that were to the left of persistence so that potentially malicious behavior could be targeted pre-persistence.

With this foundation, we used MISP to search for tags that matched APT groups and techniques based on what we saw in the heat map. These feeds could then be enriched by Cortex analyzers and fed into our SIEM to enrich our correlations with more context. 

Previously we had fed entire threat feeds directly into our SIEM; by using this more targeted approach we were able to greatly reduce the number of false positives.

These ideas are early in their implementation. I will continue to build out this process with my team and update as metrics and efficiencies can be documented. In our current environment, I believe that we can become better defenders by working together and sharing information. If you have questions feel free to contact me.

The original article was published on Linkedin.com at https://www.linkedin.com/pulse/how-use-mitre-attck-heat-maps-enrich-your-security-keith-chapman

Words of Power

I often feel like I'm an observer and not really necessary to the events going on around me. I often feel invisible and that what I contribute isn't important.

I can see now see this more clearly and believe that this is a lie. I think that this false belief comes from several sources:

• It's learned behavior, one of my nicknames is "stealth".
• I am a person of color and there is such a thing as institutional racism.
• I'm selfish and being engaged can get messy.
• I've been given words of power to speak in the lives of others and have an enemy that would rather have me to remain silent.

Any combination of the above - or something else.

Two "meaningful coincidences" have happened recently:
1. I've been in a position to share godly wisdom with other men and I've been exhorted to speak up repeatedly.

2. I've been working with cybersecurity interns and it was very impactful. I can see a new value in my vocation and experience.

This week I dreamt of a book of Afrofuturism (If you saw the Black Panther movie, imagine that Wakanda was a real place). That too felt like a "meaningful coincidence" and it came clearer into focus. I want to be seen and known and it's going to take work and strength.

I've been challenged to speak up. Please pray that I will continue to be given words of power to speak into the lives of others and that I will speak them.

Nebula Academy of Imaging and Learning

We have homeschooled our children for several years. This year I had our eldest submit an application to continue homeschooling. We want our student to grow in his responsibility for learning and thus we customize a personal learning plan for our use.

Personalized Learning Plan

To Create and cultivate. We believe that all people were created in the image of God (imago Dei) and that we have been granted a God-given dignity, uniqueness, skills, and talents (d.u.s.t.); through which we serve others through good works, wisdom, and virtue.

We desire to know God and his creation more deeply through your education and it is our desire that he will transform your heart and that you will live as a new creation with the power of Christ to do even greater works.

Homeschool Application

He was excited about the new direction and I will work closely with him to accomplish his educational goals. Feel free to use this idea for your family.

About

To create and cultivate.
My name is Keith Chapman
@S1lv3rL10n

Proverbs 1:1-7

The proverbs of Solomon son of David, king of Israel:

 for gaining wisdom and instruction;
    for understanding words of insight;
 for receiving instruction in prudent behavior,
    doing what is right and just and fair;
 for giving prudence to those who are simple,
    knowledge and discretion to the young—
 let the wise listen and add to their learning,
    and let the discerning get guidance—
 for understanding proverbs and parables,
    the sayings and riddles of the wise.

The fear of the Lord is the beginning of knowledge,

    but fools despise wisdom and instruction.

This passage summarizes how I desire to think through things. I value knowledge and wisdom and desire to grow in both.