KAI

KAI (Kortext Augmented Insights) for Application and Cloud Security

Overview

KAI is a GenAI-powered virtual assistant integrated into KScope’s ASPM/CSPM platform. It transforms how AppSec and cloud security teams interact with their environment by providing context-aware, real-time answers to natural language questions. KAI leverages a fine-tuned large language model (LLM) and Retrieval-Augmented Generation (RAG), drawing insights from KScope’s integrated knowledge graph—a dynamically enriched view of your application and cloud ecosystem.

Unlike traditional dashboards or static reports, KAI allows security teams to ask questions in plain English and receive actionable insights instantly, all within the boundaries of your organization’s security controls. KAI ensures secure, enterprise-grade data governance while optionally referencing vetted external sources to enhance internal insights—never compromising data privacy or compliance.


What Can KAI Do for AppSec Engineers?

KAI empowers AppSec and DevSecOps teams to:

  • Quickly identify vulnerabilities across application and cloud assets.

  • Surface high-risk misconfigurations or policy violations.

  • Prioritize threats based on business context, exposure, and asset criticality.

  • Reduce mean time to detect (MTTD) and mean time to remediate (MTTR).

  • Eliminate the need to manually sift through dashboards, asset inventories, and findings.


Common AppSec Use Cases and Questions KAI Can Answer

| Question | Operational Significance |
| --- | --- |
| Which S3 buckets are publicly accessible? | Detecting misconfigured storage that may lead to data leaks. |
| Show me business-critical applications with critical CVEs unpatched for over 30 days. | Prioritizing remediation based on business impact and risk exposure. |
| List all internet-facing assets with high-severity vulnerabilities. | Helps focus defenses on the attack surface visible to adversaries. |
| Are any Kubernetes clusters running outdated images with known CVEs? | Ensures container environments are not vulnerable due to outdated components. |
| Which third-party dependencies in customer-facing apps have exploitable vulnerabilities? | Reduces software supply chain risk by targeting vulnerable dependencies. |
| Do any IAM roles have excessive permissions across production environments? | Mitigates risk of privilege escalation or lateral movement by attackers. |
| Are any assets failing security compliance checks (e.g., CIS, NIST)? | Assures adherence to security standards and regulatory frameworks. |
| What are the top 5 exploitable misconfigurations in our cloud estate today? | Enables teams to prioritize fixes that reduce the biggest risks fastest. |
| Which apps are running on end-of-life platforms or libraries? | Proactively mitigates risks stemming from unsupported software. |


Why KAI Matters in Modern AppSec Operations

With modern cloud-native architectures and sprawling DevOps pipelines, security teams are overwhelmed by alerts, findings, and fragmented tools. KAI provides a unified, intelligent interface that lets AppSec engineers interrogate the security posture of their environments instantly—no scripting, no SQL, no manual correlations needed.

KAI accelerates decision-making and incident response while ensuring that every answer is grounded in real-time, context-rich intelligence derived from your organization's actual asset graph and security data.


Layout

The KAI page features a clean and user-friendly layout, designed for easy interaction. Key elements of the page include:

  • Sample Questions: Pre-defined, clickable questions displayed on the page that users can select to get immediate answers.

  • Input Bar: A text input field where users can type their queries or requests.

  • Send Button: The button to submit the query to KAI.

  • Session History: A sidebar on the left showing a history of previous interactions, allowing users to revisit past conversations or responses.

The layout is designed to mimic a conversational format, similar to ChatGPT, providing users with a seamless experience.

Interactivity Guidance

KAI offers a conversational, user-friendly interface that allows users to ask questions and interact with hypergraph data effortlessly. Here’s how you can use KAI:

Ask a Question:

  • Example: "What is the count of Github repositories?"

  • KAI will generate a detailed response, often presented in tables, graphs, or text.

Select a Sample Query:

  • On the KAI page, you’ll find sample questions. Clicking on any of these will instantly show a pre-generated response.

Explore Suggestions:

  • KAI provides similar query suggestions to guide your exploration further.

Explore Session Histories:

  • Past conversations are saved, just like in ChatGPT. You can revisit or continue from previous sessions to maintain workflow continuity.

Save Responses:

  • Responses, such as charts or graphs, can be saved to a Custom Analyzer by creating a new sightline. This ensures quick access to critical insights during future sessions.

Sample Inputs and Outputs

Example 1: Chart Type Response

  • Input: "Show me EC2 Instance State Distribution as a pie chart"

  • Output:

Example 2: Graph Type Response

  • Input: "Show me S3 Buckets"

  • Output:

Example 3: Text Type Response

  • Input: "What are the names of S3 Buckets"

  • Output:

Example 4: Saving to a Sightline

  • After analyzing a hypergraph, save the response (e.g., a graph) to your analyzer:

    • Click on “Create Sightline”, fill the form, and save it.

    • Go to Custom Analyzer and view your newly created sightline.

Additional Features

  • Sample Questions: Pre-defined questions are displayed on the KAI page. Users can select these questions to get immediate answers, helping them explore hypergraph features without needing to type their own queries.

  • Similar Query Suggestions: KAI offers intelligent suggestions for similar queries based on the user’s input. These suggestions help users expand or refine their queries to get more comprehensive insights.

  • Save Responses: Responses generated by KAI, such as graphs or charts, can be saved into custom analyzers by creating sightlines. This feature allows users to organize insights for future reference or deeper analysis.

  • Session Histories: The session history sidebar allows users to browse past interactions, revisit previous responses, and continue their analysis without losing context. You can easily navigate back to a previous conversation to continue from where you left off.

Notes and Best Practices

  • Be Specific in Queries: To get the most accurate responses, try to be as specific as possible with your questions. For example, instead of asking, "What is the node data?", specify the node (e.g., "What are the properties of node A?").

  • Use Sample Questions: If you're unsure how to phrase a question, start by selecting a sample question. This can guide you in structuring your own queries.

  • Refine Queries: KAI is designed to refine answers based on user feedback. If the initial response isn’t what you expected, you can ask follow-up questions to clarify or expand the answer.

  • Organize Responses: Use the save response feature to store important findings for later use. This can help when you need to refer back to insights during different stages of your analysis.

Accessibility and Support

KAI is designed to be fully accessible, with a focus on user-friendliness and efficiency. If you encounter any issues while using KAI, please contact Kaleidoscope's support team for assistance.

KAI ensures that even users with minimal technical experience can gain meaningful insights and interact with hypergraph data in a conversational, efficient way.
