IntelChat: Enhancing Threat Analysis with an LLM-Based Chatbot in IntelOwl

29 Jan 2024

  1. The proposed Google Summer of Code project aims to integrate a cutting-edge, self-deployed LLM-based chatbot into IntelOwl, enhancing user interaction with collected threat intelligence.

  2. Using Python libraries like LangChain and Chainlit, the project envisions building an intuitive interface that lets analysts pose natural-language queries about threat data (e.g. “In what campaigns have you seen this IOC?”), making the investigative process more user-friendly and efficient.

  3. The chatbot’s capabilities will extend beyond basic queries, seamlessly interfacing with IntelOwl’s enrichment modules when deeper investigation is required, providing a comprehensive and interactive experience for analysts.

  4. By harnessing the power of LLM technology, the chatbot will not only streamline communication between analysts and the IntelOwl platform but also adapt to evolving user needs, contributing to a more dynamic and responsive threat intelligence environment.

  5. This project aligns with the overarching goal of making threat analysis more accessible and efficient, offering analysts a powerful tool that combines the strengths of natural language understanding, self-deployment, and seamless integration with IntelOwl’s existing modules.