A federal lab is working to make threat emulation more efficient so that security teams can determine more rapidly whether their systems are resistant to the most recent attacks. According to a research team at Pacific Northwest National Laboratory (PNNL), an AI-based system called Agentic LLMs for Offensive Heuristic Automation, or ALOHA, can swiftly reconstruct attacks and generate variations to test defenses. Loc Truong, a data scientist at PNNL and a research lead on ALOHA, says PNNL drastically cut the time to secure systems from weeks to hours by having a system that can generate attacks from threat reports and descriptions.

According to him, the objective is to make testing defenses against the most recent attacks as effective as possible.

"We want to be able to take a newly discovered attack, and we want to quickly replicate it and test it against internal system defenses to see if they can catch the new attack," says Truong. According to the researchers, security teams can quickly create attack emulations using the system, which may require dozens of steps and employ 20 different tactics. In an online description of ALOHA, Truong stated, "You describe what you want, in plain English, and generative AI runs the attack automatically.

The technology speeds up the defender's response so that the cybersecurity expert doesn't have to carry out quite as many operations themselves. Click and go is the method."

## Beyond 'Am I Vulnerable?'

According to Benson George, principal product strategy manager at Aviatrix, an AI-focused cloud network security company, users of MITRE's Caldera open source tool could find the process of utilizing ALOHA rather straightforward.

According to him, the company already uses Caldera for adversary emulation and intends to test the new framework, particularly if it smooths out some of the more difficult aspects of the open source framework.