Revolutionizing Cybersecurity: The Impact of AI-Driven Patching

At RSAC 2024, a Google researcher highlighted the promising potential of generative AI in addressing one of cybersecurity's most persistent challenges: patching vulnerabilities. Software flaws left unpatched remain a major weak point, often leading to costly data breaches—averaging $4.17 million per incident, as reported in IBM's "Cost of a Data Breach Report 2023."

The core issue is speed: organizations struggle to patch vulnerabilities as quickly as threat actors exploit them. According to Verizon's "2024 Data Breach Investigations Report," malicious scanning typically begins within five days of a critical vulnerability being disclosed. Yet, two months after fixes are released, nearly half of these vulnerabilities remain unpatched.

Generative AI offers a promising solution. By not only identifying bugs but also generating fixes, AI could significantly close this gap. Google’s internal experiments using its large language model (LLM) have shown encouraging results, with the AI successfully patching 15% of targeted software bugs.

Google’s Experiment with AI-Driven Patching

During the conference, Elie Bursztein, Google DeepMind's cybersecurity technical lead, discussed the company’s efforts to test AI in various security roles. Among these, the use of generative AI to identify and patch vulnerabilities in Google’s codebase stands out as a game-changer.

In one experiment, Google researchers provided a Gemini-based AI model with 1,000 simple vulnerabilities discovered in their C/C++ codebase. The AI was tasked with generating and testing patches, presenting the best solutions for human review. Impressively, 15% of the patches were approved and integrated into Google’s codebase.

"Instead of a software engineer spending two hours per fix, AI now generates viable patches in seconds," noted researchers Jan Nowakowski and Jan Keller. The implications are significant—scaling this capability could save months of engineering effort annually.

The Promise of AI in Patch Management

Bursztein underscored several advantages AI-driven patching could bring to cybersecurity:

• Faster Detection and Resolution: AI models can enhance tools like fuzzers, enabling them to find and fix bugs more efficiently.
• Reduced Manual Workload: By assisting human teams in patch creation, AI lightens the burden of managing vulnerabilities.
• Prevention at the Source: With further advancements, AI could eventually catch and fix bugs at the commit stage, eliminating vulnerabilities before they reach production. This “holy grail” scenario, as Bursztein described it, could make software inherently safer.

Challenges on the Path to Autonomous Patching

While the initial results are promising, significant obstacles remain before AI can autonomously handle patching at scale:

• Complexity of Bugs: The AI proved more adept at resolving simple vulnerabilities, struggling with more complex issues.
• Validation of Fixes: Human review is still necessary to ensure patches address vulnerabilities without introducing new issues.
• Training and Data Sets: Robust training data is needed to teach AI how to both fix vulnerabilities and preserve software functionality. One humorous example highlighted the AI “solving” a bug by simply deleting the affected code.

Despite these hurdles, Bursztein remains optimistic. With continued innovation and collaboration within the cybersecurity community, AI-driven patching has the potential to minimize vulnerability windows, transforming the way organizations approach security.

“The journey will be challenging, but the benefits are enormous,” Bursztein said. “If we succeed, we could redefine cybersecurity for the better.”

Source : How AI-driven patching could transform cybersecurity | TechTarget