Hello and welcome to the Wednesday, October 4, 2020, edition of the Sans and Storm Center's Stormcast.

My name is Johannes Ulrich, and then I'm recording from Jacksonville, Florida.

Large language models like Chatsy, PTA are, of course, all over the place, but not a lot of people are actually trying to train

their own models. And the problem with these large public models like Chad GPD is that

they are trained with generic data. And secondly, that anything that you post to it, any prompted

you're creating, of course, is in fact

leaked to that language model and it may not be appropriate for, for example, logs you create

internally in your network and security events to be shared with these models. So Tom looked

into creating his own model and he describes how he

did it here in the latest blog post and some of the results that he obtained with this model.

Now Tom looked at it with sort of an incident response lens and essentially sort of, for example,

pasted, log snippets to the model and then asked it what kind of attack it is. It did pretty

well there. It didn't do well with some of the other tasks like writing reports and such.

You can see what the result was in Tom's blog. Now Tom doesn't walk you

in the details of the training but has links that will explain to you how the training worked

and also what kind of hardware he used for this particular model that he trained himself.

And then we have another sort of machine learning related story,

a critical vulnerability in TorchServe.

This allows for unauthenticated remote code execution.

TorchServe is used to connect PiTorch,

PyTorch being a standard library,

often used in Python for machine learning,

...