From RAGs to Riches: Navigating Large Attack Surfaces with LLMs to Find Bugs
9 Aug 2024
Comprehensive Talk
Anthony Rhodes
Abstract
Reconnaissance is a crucial phase of the bug hunting process. However, managing and analyzing large amounts of recon data is challenging. As your data grows, it becomes increasingly difficult to identify and prioritize where your efforts should be focused. LLMs have shown potential to help tackle this problem, but chat assistants still require you to parse your data manually and spoon-feed them the relevant context.
This talk explores how Retrieval Augmented Generation (RAG) techniques can be used with LLMs to enhance how you interact with your attack surface data. We will demonstrate how we incorporate data from a variety of widely used security tools into a centralized knowledge base. This enables LLM agents to access and analyze this data without being confined to the LLM's context window limitations. We will also walk through how you can use LLMs to enrich your data as it is ingested to provide actionable insights.
Join us to discover how you can level up your LLMs to gain an edge in finding bugs across an organization's attack surface.