AI Insights

The AI Insights Assistant is your intelligent security companion that helps you analyze vulnerabilities, understand threats, and make informed decisions about your security posture. Access it from the header of your dashboard or directly from vulnerability cards.

Accessing the Insights Assistant

From the Dashboard Header

Click the Insights Assistant icon (✨) in the top navigation bar of your main dashboard to open the AI assistant panel.

From Vulnerability Cards

Each vulnerability card has an Insights icon that opens the assistant with context about that specific vulnerability, allowing you to ask targeted questions.

AI Model Selection

Choose from multiple AI models based on your needs:

Deepseek Chat

Fast, general-purpose chat with strong reasoning capabilities. Best for most security analysis tasks.

Gemini 2.0-flash

Best for fast responses and quick summaries. Ideal when you need rapid answers.

OpenAI: GPT-4o

Advanced model for reasoning and multimodal input. Excellent for complex security analysis.

Cloudflare: Llama 70b

Accurate, open-source model for detailed answers and comprehensive analysis.

Cloudflare: Deepseek 32b

Great for coding and technical queries. Ideal for understanding technical vulnerabilities.

Cloudflare: Mistral 24b

Balanced model for chat and summaries. Good for general-purpose queries.

Claude Sonnet-4

Claude Sonnet-4 - Deep reasoning, long-context, coding capable. Best for complex tasks requiring extensive analysis.

Claude Sonnet 3-7

Claude 3.7 - Fast, smart, coding capable. Efficient for quick technical assessments.

Mistral Large

Reasoning, general-purpose tasks, chat, instruction following. Versatile for various security questions.

Mistral Code Agent

Code completion, generation, debugging. Specialized for code-related vulnerabilities.

Note: Select your preferred model from the dropdown menu at the bottom of the assistant panel.

Predefined Questions

Get instant answers to common security questions by clicking on any of these predefined queries:

Critical Vulnerabilities

What are the top critical vulnerabilities currently affecting my environment?

Get an overview of your most severe vulnerabilities that require immediate attention, ranked by severity and potential impact.

Active Exploits

Which vulnerabilities are actively being exploited in the wild?

Identify which of your vulnerabilities have known active exploitation, helping you prioritize remediation based on real-world threat activity.

New Detections

What new vulnerabilities have been detected since my last scan?

Track newly discovered vulnerabilities in your environment to stay on top of your changing security landscape.

Exposed Assets

Which assets or systems are most exposed to attacks based on open ports, misconfigurations, and vulnerabilities?

Understand which systems are most at risk based on multiple factors including network exposure, configuration issues, and known vulnerabilities.

Exploit & Ransomware Associations

Do any of my vulnerabilities have public exploits or ransomware associations?

Determine if your vulnerabilities are being actively targeted by threat actors or have been associated with ransomware campaigns.

Open Ports Analysis

What are the most commonly open ports across my network, and do they pose security risks?

Get insights into network exposure through open ports and understand which ones represent security concerns.

External-Facing Services

Which external-facing services are exposed and potentially vulnerable?

Identify internet-exposed services that may increase your attack surface and require additional security measures.

Remediation Actions

What are the recommended actions to remediate high-risk vulnerabilities?

Receive prioritized, actionable remediation guidance for your most critical security issues.

Attack Surface Reduction

How can I reduce my attack surface based on current findings?

Get strategic recommendations for minimizing your organization's exposure to potential attacks.

Misconfigurations

Are there any misconfigurations in my network that increase my attack surface?

Identify configuration issues that may be creating unnecessary security risks in your environment.

Custom Questions

Asking Your Own Questions

Type any security-related question in the message box at the bottom of the assistant panel. The AI can help with:

Vulnerability Analysis: Understanding specific CVEs, their impact, and remediation steps
Threat Intelligence: Information about exploit availability, threat actors, and attack patterns
Risk Assessment: Evaluating the severity and priority of vulnerabilities
Remediation Guidance: Step-by-step instructions for fixing security issues
Compliance Questions: Understanding how vulnerabilities affect compliance requirements
Network Security: Questions about ports, services, and network exposure
Best Practices: Security recommendations and industry standards

Example Custom Questions

"Explain CVE-2024-1234 in simple terms"
"What is the CVSS score for this vulnerability and what does it mean?"
"How difficult is it to exploit this vulnerability?"
"What patches are available for this issue?"
"Which vulnerabilities should I prioritize this week?"
"Are there any workarounds if I can't patch immediately?"
"What are the potential business impacts of this vulnerability?"

AI Capabilities

Web Search Integration

The Insights Assistant can search the web for the latest threat intelligence, exploit information, and security advisories. This ensures you get up-to-date information about emerging threats.

What it searches for:

Latest CVE details and updates
Active exploitation reports
Security vendor advisories
Patch availability information
Threat intelligence feeds

Database Connectivity

The assistant can query your organization's vulnerability database to provide context-specific answers based on your actual security posture.

What it can access:

Your current vulnerability scan results
Historical scan data
Asset inventory
Previous remediation actions
Compliance status

Recent Chat History

Access your previous conversations with the Insights Assistant to:

Review past analysis and recommendations
Track the evolution of your security posture
Reference previous guidance
Continue interrupted conversations

Click Show more to expand the chat history or use the history icon to browse past conversations.

Using the Assistant Effectively

Best Practices

Be Specific: Provide details about the vulnerability, asset, or concern you're asking about.

Provide Context: Share relevant information like CVE IDs, asset names, or specific findings from your scans.

Ask Follow-up Questions: Dig deeper into answers by asking for clarification or additional details.

Combine Predefined and Custom Questions: Start with a predefined question, then ask custom follow-ups for more specific information.

Use the Right Model: Select the AI model that best matches your query complexity and needs.

Example Workflow

Click a predefined question like "What are the top critical vulnerabilities currently affecting my environment?"
Review the AI's response about your critical vulnerabilities
Ask a follow-up: "Tell me more about the first vulnerability - how is it being exploited?"
Request guidance: "What are the exact steps to remediate this?"
Verify completion: "How can I verify the vulnerability has been fixed?"

Understanding AI Responses

Required Vulnerability Details

When asking about exploit availability or ransomware associations, the AI may request:

CVE IDs or vulnerability names: Specific identifiers for the vulnerabilities
Software/package names and versions: What software is affected
Vulnerability scan results or reports: Raw data from your scans

What the AI Can Analyze

Once you provide the necessary data, the assistant can check:

Public exploit availability: ExploitDB, Metasploit, etc.
Known ransomware campaigns: Specific vulnerabilities targeted by ransomware
CVSS scores and severity ratings: Industry-standard risk scores
Patch availability and remediation guidance: Official fixes and workarounds
Threat intelligence: Information from sources like CISA KEV catalog

Common Sources the AI Checks

CISA Known Exploited Vulnerabilities (KEV) catalog
NVD vulnerability database
Security vendor threat intelligence
Exploit repositories and security research

Response Time and Availability

Typical Response Times

Simple queries: 2-5 seconds
Complex analysis: 10-30 seconds
Web search queries: 15-45 seconds
Database queries: 5-15 seconds

Model Performance

Different models have varying response times:

Fastest: Gemini 2.0-flash, Claude Sonnet 3-7
Balanced: Deepseek Chat, Mistral 24b
Most Thorough: Claude Sonnet-4, GPT-4o

Privacy and Security

Data Handling

All queries and responses are:

Encrypted in transit
Not shared with third parties
Used only for providing assistance
Logged for quality improvement (anonymized)

Sensitive Information

Do not share:

Passwords or API keys
Personal identifiable information (PII)
Confidential business information
Credentials or authentication tokens

The assistant is designed to help with vulnerability analysis and security guidance without requiring sensitive data.

Limitations

What the AI Cannot Do

Direct system access: Cannot directly scan, patch, or modify your systems
Real-time monitoring: Provides analysis of existing data, not live monitoring
Guaranteed accuracy: AI responses should be validated, especially for critical decisions
Legal advice: Security guidance only, not legal or compliance advice

Feedback and Improvement

Providing Feedback

After each AI response, you can:

Rate the helpfulness of the answer
Report inaccurate information
Suggest improvements

Your feedback helps improve the Insights Assistant for all users.

Continuous Improvement

The AI models are regularly updated with:

Latest threat intelligence
New vulnerability information
Improved analysis capabilities
Enhanced reasoning abilities

Keyboard Shortcuts

Enter: Send message
Shift + Enter: New line in message
Esc: Close assistant panel
↑: Edit last message

Frequently Asked Questions

Can the AI access my vulnerability scan data?

Yes, when connected to your organization's database, the assistant can analyze your actual scan results to provide context-specific answers.

How current is the threat intelligence?

The AI can perform web searches to access the latest threat intelligence, exploit information, and security advisories published within the last few hours.

Can I use the assistant without connecting to my database?

Yes, you can ask general security questions, get CVE information, and receive remediation guidance without database access. Database connectivity enhances answers with your specific environment context.

Which AI model should I use?

Use Gemini 2.0-flash for quick answers
Use Claude Sonnet-4 or GPT-4o for complex analysis
Use Mistral Code Agent for code-related vulnerabilities
Use Deepseek Chat as your default all-purpose model

How do I access my chat history?

Click the history icon (🕒) in the assistant header or scroll up in the chat panel to view recent conversations.

Can multiple team members use the assistant simultaneously?

Yes, each user has their own assistant instance with separate chat history and context.

The AI Insights Assistant is continuously learning and improving. Your usage and feedback help make it more valuable for the entire security community.

Accessing the Insights Assistant​

From the Dashboard Header​

From Vulnerability Cards​

AI Model Selection​

Deepseek Chat​

Gemini 2.0-flash​

OpenAI: GPT-4o​

Cloudflare: Llama 70b​

Cloudflare: Deepseek 32b​

Cloudflare: Mistral 24b​

Claude Sonnet-4​

Claude Sonnet 3-7​

Mistral Large​

Mistral Code Agent​

Predefined Questions​

Critical Vulnerabilities​

Active Exploits​

New Detections​

Exposed Assets​

Exploit & Ransomware Associations​

Open Ports Analysis​

External-Facing Services​

Remediation Actions​

Attack Surface Reduction​

Misconfigurations​

Custom Questions​

Asking Your Own Questions​

Example Custom Questions​

AI Capabilities​

Web Search Integration​

Database Connectivity​

Recent Chat History​

Using the Assistant Effectively​

Best Practices​

Example Workflow​

Understanding AI Responses​

Required Vulnerability Details​

What the AI Can Analyze​

Common Sources the AI Checks​

Response Time and Availability​

Typical Response Times​

Model Performance​

Privacy and Security​

Data Handling​

Sensitive Information​

Limitations​

What the AI Cannot Do​

Feedback and Improvement​

Providing Feedback​

Continuous Improvement​

Keyboard Shortcuts​

Frequently Asked Questions​

Can the AI access my vulnerability scan data?​

How current is the threat intelligence?​

Can I use the assistant without connecting to my database?​

Which AI model should I use?​

How do I access my chat history?​

Can multiple team members use the assistant simultaneously?​