RSI Security recently partnered with ImmuniWeb to host the webinar Unmasking the Dark Web: Leveraging AI for Enhanced Threat Intelligence. Patrick Murphy, Manager of Cybersecurity and Risk Services at RSI Security, was joined by Dr. Ilia Kolochenko, CEO and Chief Architect at ImmuniWeb, to discuss AI’s impact on dark web monitoring, regulatory compliance, and more.
Threat Intelligence, AI Tools, and the Dark Web
The start of the webinar featured presenter introductions and context about their organizations. RSI Security is a global leader in cyberdefense implementation, customizing solutions for security, compliance, and governance. ImmuniWeb is a global application security provider headquartered in Switzerland with an award-winning platform that helps clients in over 50 countries secure apps, networks, and more through smart uses of artificial intelligence (AI).
The webinar’s subsequent agenda included the following highlights:
- An overview of the ImmuniWeb Discovery tool and its applications
- A discussion of how tools like these impact regulatory compliance
- A live demo of ImmuniWeb’s and RSI Security’s approaches in action
After introductions, Dr. Kolochenko segued into the overview of the ImmuniWeb Discovery tool.
How Discovery Tools Mitigate Dark Web Risks
Kolochenko began his portion of the presentation by explaining the primary use case of ImmuniWeb Discovery: Continuous Threat Exposure Management (CTEM). CTEM is a relatively new term coined to streamline a suite of services, including but not limited to attack surface management, continuous security monitoring, dark web monitoring, and cyber threat intelligence. ImmuniWeb’s CTEM platform assesses an organization’s external risks and threats—especially those stemming from dark web exposure—swiftly and efficiently.
All organizations need to do to begin an assessment is provide a company name, and the platform generates a robust dashboard. From there, any stakeholder can see exactly what hackers and other attackers see in terms of where the organization appears across global domains. This allows for granular monitoring of vulnerabilities, configurations, known privacy problems, and other potential issues impacting a given mobile/web app across all locations.
The Discovery tool also allows for monitoring across cloud platforms and networks, providing visibility into misconfigurations, incidents, and any other possible threats in or around them.
All risks are graded according to their potential impact, with suggested priority in terms of remediation (e.g., “CRITICAL” or “HIGH”). These features give users instant, easily accessible visibility across all potential exposures to facilitate incident prevention, response, and recovery.
Dedicated tabs for repositories and incidents provide greater insights into more advanced exposure risks, realized or not, which is especially critical for dark web threats in particular.
Dark Web Monitoring and Third-Party Risk Management
Kolochenko explained how ImmuniWeb locates, documents, and provides updates on activity regarding a company’s information on the dark web. This includes screenshots and transcripts of conversations regarding said data, like attackers or other visitors on a forum discussing stolen credentials that are up for sale or otherwise on offer. This powerful monitoring is made possible by language learning models (LLMs) that scrape and process much more information, much faster, than any human or team thereof could do.
These tools can also be trained to work across language barriers that could otherwise hamper threat monitoring—for example, they can power reading, translating, and reporting on conversations happening in Russian on the dark web.
These powerful dark web monitoring capabilities also allow for third-party risk management (TPRM). Kolochenko explained how TPRM is even easier and more efficient than CTEM using the ImmuniWeb platform. Simply entering a vendor name (and optionally a region or country) allows for granular insights into how that vendor or service provider fares in terms of dark web exposure within a given (optional) geospatial context. These reports can be configured based on an organization’s needs to focus visibility on only critical, high, or other risk priorities.
How Discovery Tools Interact with Compliance
RSI Security’s own Patrick Murphy took over to talk about how AI tools like ImmuniWeb’s can interact with compliance. AI is reshaping almost everything in the technology world, from the most basic goods and service delivery to critical areas like business, public health, and security.
However, for all of the benefits AI delivers, it also raises questions. Organizations must vet AI tools to ensure trustworthy results, and users must understand how each tool generates its answers. Accountability is also a concern, especially with respect to data privacy and other considerations. AI tools require human oversight to realize their potential.
Optimal tools like ImmuniWeb take this all into consideration with enhanced transparency.
Additionally, working with a quality service provider like RSI Security ensures that any AI platforms an organization is using maintain sound ethics and compliant practices.
A common myth is that AI governance issues stem from model development. This is a huge misunderstanding, as its use touches many other stakeholders, including but not limited to:
- Chief Information Security Officers (CISOs)
- Legal teams leveraging AI for decisions
- Risk officers overseeing AI integration
- IT and security teams using AI alerts
One of the biggest mistakes organizations can make when implementing AI is assuming that developers are the only ones responsible for ensuring that AI tools operate as expected.
How AI Frameworks Promote Sound Governance
Every single individual who uses AI bears some share of the responsibility for ensuring fair, compliant use. Following frameworks like the Organization for Standardization and the International Electrotechnical Commission (ISO/IEC) 42001 and the National Institute of Standards and Technology (NIST) AI Risk Management Framework (RMF) can help.
The ISO/IEC guides top-level management of AI systems to align enterprise AI strategy with organizational goals and ethical best practices. Meanwhile, NIST’s AI RMF promotes and maintains system-wide principles like trustworthiness and transparency.
Unlike other regulatory contexts, these frameworks are not yet legally mandatory. However, global governments and other regulatory bodies are swiftly developing AI-centric controls throughout other mandated frameworks, and it is likely that regulations will become stricter rather than more lenient over time. Implementing ISO/IEC and NIST recommendations now should facilitate future implementations and assessments for emerging laws governing AI.
In addition, sound governance promotes more effective and efficient AI use.
Another insidious myth is that regulatory concerns can hamper productivity. However, when organizations pair powerful tools like ImmuniWeb with sound, compliant governance, they can act swiftly and fully on all generated insights. Vetting processes make outcomes actionable sooner, leading to greater security results while assuaging any potential compliance risks.
To that effect, RSI Security helps organizations get the most out of AI tools by:
- Mapping AI tools into risk governance structures
- Reviewing vendor-provided AI tools and internal usage
- Building AI governance policies and compliance roles
- Training teams on AI-influenced decision-making
RSI Security maximizes AI tools’ efficacy for cyberdefense with sound governance.
How ImmuniWeb and RSI Solutions Work
Rolling into the live demonstration, Murphy unpacked a metaphor for how AI and governance interact to optimize an organization’s operations. AI makes organizations faster, while sound governance makes them safer. But that safety does not necessarily come at the expense of speed. Murphy said he prefers to think of it as a multiplier effect, like how racecar drivers use brakes tactically right before a turn to increase their overall speed rather than fully decelerate.
In other words: Treating governance as part of a control system turns it into a competitive edge.
Kolochenko then took the reins to provide a live demonstration of how ImmuniWeb works in practice, keeping sound governance principles that RSI Security would provide in mind. He showed how a user would initiate an ImmuniWeb assessment, beginning with selecting either STEM or TPRM. Then, he walked through some of the other preparatory steps needed to ensure the results align with what the user needs, excluding less relevant outcomes. After providing this information, along with a license key, results are available within 72 hours.
Kolochenko then walked through some additional features of the platform, like exporting preferences, filtering, and other configurations. Importantly, users can automate the triage steps based on specific compliance needs (like PCI DSS), owner, region, and other customizable features.
Optimizing Threat Intelligence with AI
Wrapping up the live demonstration, Kolochenko returned to the topic of dark web threat monitoring, which is one of the most critical use cases for ImmuniWeb—and an example of where sound AI governance is absolutely necessary. He also urged existing and potential customers to review the ImmuniWeb user manual—a dynamic, regularly updated resource that helps users get started with the tool right away.
RSI Security helps organizations get the most out of ImmuniWeb and other AI tools. We have collective decades of experience implementing cyberdefense controls and systems, including emerging technologies like AI. Your team may face challenges during any new implementation, and RSI Security helps you rethink and optimize your governance to overcome them.
To learn more about our AI-enhanced security services, get in touch today!
Contact Us Now!
