Let's start with Basic Semantic Search

Because they are trained on vast amounts of data, Large Language Models can interpret text based on its meaning. In the context of Cyber controls, this might be useful for evaluating administrative access by understanding that a Vendor is also not an employee. You can test this in the simulation.

Using Large Language Models (LLMs) to map (semantically search) Cyber Controls to a framework like NIST 800-53 is a three-step process:

  • We create a set of numbers representing the controls in NIST 800-53. Computers can't understand words directly so we convert the words from NIST 800-53 into numerical representations called embeddings.
  • We take a control you want to map and also get its embedding.
  • Now we have two sets of embeddings. We can use a mathematical operation called cosine similarity to compare the two sets of numbers. The better your control matches the NIST 800-53 control, the closer the number will be to one.
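The three steps above, as an added example that is not the code behind this page's simulation. The control summaries are constructed paraphrases rather than official NIST text, and `toy_embed` is a hypothetical word-count stand-in for an LLM embedding model, so it only rewards shared words.

```python
import math
import re
from collections import Counter

# Constructed one-line paraphrases of NIST 800-53 controls (not the official text).
CATALOG = {
    "AC-2": "manage system accounts including creation review and removal of user accounts",
    "AC-6": "least privilege restrict administrative access to authorized users only",
    "AU-2": "event logging define which system events are logged for audit",
    "IA-2": "identify and authenticate organizational users with multifactor authentication",
    "SC-8": "protect confidentiality and integrity of transmitted information with encryption",
}

def toy_embed(text):
    """Assumed stand-in for an embedding model: a sparse word-count vector.
    A real LLM embedding is a dense vector that also captures meaning."""
    return Counter(re.findall(r"[a-z]+", text.lower()))

def cosine(a, b):
    """Cosine similarity of two sparse vectors: dot(a, b) / (|a| * |b|)."""
    dot = sum(a[t] * b[t] for t in a.keys() & b.keys())
    norm_a = math.sqrt(sum(v * v for v in a.values()))
    norm_b = math.sqrt(sum(v * v for v in b.values()))
    return dot / (norm_a * norm_b) if norm_a and norm_b else 0.0

def rank_controls(control_text, catalog=CATALOG, embed=toy_embed):
    # Step 1: embed every framework control (in practice computed once and stored).
    index = {cid: embed(desc) for cid, desc in catalog.items()}
    # Step 2: embed the control you want to map.
    query = embed(control_text)
    # Step 3: score each pair with cosine similarity, best match first.
    scores = [(cid, round(cosine(query, vec), 3)) for cid, vec in index.items()]
    return sorted(scores, key=lambda s: s[1], reverse=True)

if __name__ == "__main__":
    # Shares words with AC-6, so the stand-in embedding finds the match.
    print(rank_controls("Administrative access is restricted to authorized employees"))
    # Same intent, no shared words: the stand-in scores every control 0.0,
    # which is the gap a meaning-aware embedding model is meant to close.
    print(rank_controls("Vendors hold admin rights"))
```

Passing a function that calls a real embedding model as `embed` keeps steps 1 to 3 unchanged, provided it returns vectors that `cosine` can compare.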

This simple process forms one of the key building blocks we will use for other examples including Retrieval Augmented Generation and LLM Agents in other sections. Try it out in the simulation by clicking below.

search flow

Hands On Semantic Cyber Search

We built a simple example to show how you can use LLMs to map Cyber Controls to a framework like NIST 800-53. Click the button to try it out with any control or text you want.
