Please enable JavaScript in your browser.

fltech - 富士通研究所の技術ブログ

富士通研究所の研究員がさまざまなテーマで語る技術ブログ

Security Audit Automation: A new frontier in security with large language models

Hello, I am Tanaka from the Security AI Team at Fujitsu Research. We are pleased to announce that we have made our security audit automation technology available to the public on the Fujitsu Research Portal, where you can try out technologies developed by Fujitsu.

This article introduces the security audit automation technology that we have made publicly available.

Security Audit Automation Technology

In recent years, as cyberattacks become more sophisticated and cunning, it has become increasingly urgent for companies and organizations to strengthen their security measures. In particular, security audits, which identify and remediate vulnerabilities in systems and applications, are an essential part of security measures.

A security audit is an activity that evaluates whether security measures for systems and applications are implemented properly, identifies security issues, and improves them. Specifically, the following items are investigated and evaluated:

  • System configuration and settings: Whether there are software or settings with vulnerabilities
  • Access control: Whether measures to prevent unauthorized access are implemented properly
  • Data protection: Whether confidential information has been leaked
  • Log management: Whether logs for detecting security issues are collected and stored properly

Conventional security audits are often conducted manually by experts, which is not only time-consuming and costly but also makes it difficult to conduct comprehensive audits.

Therefore, we have focused on automating security audits using large language models (LLMs). LLMs are artificial intelligence technologies that can understand and generate natural language by learning a vast amount of text data.

With LLM-based security audits, vulnerabilities can be automatically detected by inputting text data such as system and application design documents into the LLM. Additionally, LLMs can propose remediation methods for vulnerabilities based on the data they have learned.

The benefits of LLM-based security audits are as follows:

  • Efficiency through automation: LLMs can significantly improve efficiency compared to manual work by experts.
  • Comprehensive audits: LLMs can conduct comprehensive audits of text data, such as system and application design documents, due to their ability to learn from vast amounts of text data and detect vulnerabilities from a wide range of perspectives.
  • Cost reduction: LLMs can reduce costs compared to manual work by experts.

Fujitsu has developed an LLM-based security audit automation technology. This technology has the following features:

  • High-precision vulnerability detection for business processes and system configurations: By using our unique business model extraction and risk model generation methods, we achieve high-precision vulnerability detection.
  • Proposal of remediation methods: The technology can propose remediation methods for vulnerabilities.
  • Customization: It can be customized to meet the security policies and compliance requirements of individual companies.

Through our LLM-based security audit automation technology, Fujitsu aims to strengthen the security measures of companies and organizations and protect them from cyberattacks.

Automating Audit for Business Process Documents

Fujitsu has also developed a demo site for its security audit automation technology using large language models (LLMs), which focuses on risk identification, analysis, and countermeasure proposals for business process documents. This demo site allows you to automatically identify, analyze, and propose countermeasures for potential security risks from business process documents using LLMs.

Here's how to use the demo site:

  1. Upload Business Process Document
  2. Click the Business Model Extraction Button
  3. Click the Security Risk and Countermeasure Analysis Button
  4. View Analysis Results and Countermeasures

This demo site can be used as a tool for companies and organizations to understand the security risks lurking in their business process documents and take appropriate measures.

Demo Site Operation Instructions

1. Uploading Business Process Documents

When you access the demo site, a screen for uploading business process documents will appear. Supported file formats include PDF, Word, and text files. You can also download a sample business process document, "Cloud System Utilization Application Manual," from the upload screen and upload it.

Figure 1: Upload screen for business process document

2. Clicking the Business Model Extraction Button

Once you have uploaded the business process document, click the "Business Model Extraction" button on the upload screen. The LLM will then extract the business processes included in the document and display the results in flowchart format.

Figure 2: Business process screen extracted from the uploaded document

3. Clicking the Security Risk and Countermeasure Analysis Button

On the screen where the business model is visualized, click the "Security Risk and Countermeasure Analysis" button. The LLM will then analyze the business processes, identify potential security risks, and analyze them, including countermeasure proposals. This process takes a few seconds to a few tens of seconds.

Figure 3: Screen during security risk analysis

4. Viewing Analysis Results and Countermeasures

When the analysis is complete, the LLM will propose analysis results and countermeasures for each risk. The analysis results include the type of threat, risk scenario, and countermeasure proposals.

Figure 4: Risk analysis result screen

The analysis results and countermeasures will be displayed on the screen. You can view the analysis results and countermeasures and use them to implement appropriate countermeasures.

Conclusion

This article has introduced LLM-based security audit automation technology and a demo site that performs risk identification, analysis, and countermeasure proposal for business process documents.

If you are interested, please log in to the Fujitsu Research Portal, view the "Security Audit Automation" page from the technology list, and try out the demo site. We would be happy to hear your feedback.