AI Chat Assistant
AI Chat Assistant
Section titled “AI Chat Assistant”The AI Chat Assistant provides interactive help within NEURO. Ask questions, get recommendations, and receive guidance on security topics and platform usage.
Overview
Section titled “Overview”The Chat Assistant helps with:
- Platform navigation and usage
- Security best practices
- Finding documentation guidance
- Report writing tips
- General security questions
Accessing the Assistant
Section titled “Accessing the Assistant”Chat Panel
Section titled “Chat Panel”- Click the Chat icon in the header
- Select AI Assistant conversation
- Type your question
- Receive AI response
Context Menu
Section titled “Context Menu”Right-click on findings or content for contextual AI help:
- “Explain this vulnerability”
- “Suggest improvements”
- “Generate remediation steps”
What You Can Ask
Section titled “What You Can Ask”Platform Help
Section titled “Platform Help”Ask about NEURO features:
- “How do I import Nmap results?”
- “Where can I find report templates?”
- “How do I assign team members to a project?”
- “What keyboard shortcuts are available?”
Security Guidance
Section titled “Security Guidance”Get security recommendations:
- “What’s the typical remediation for SQL injection?”
- “How should I rate the severity of missing HSTS?”
- “What evidence should I capture for XSS findings?”
- “Best practices for penetration test scoping”
Writing Assistance
Section titled “Writing Assistance”Improve your documentation:
- “Help me write an executive summary”
- “Suggest better wording for this remediation”
- “How should I describe this finding’s impact?”
- “Review this description for clarity”
Technical Questions
Section titled “Technical Questions”Security technical topics:
- “Explain CVSS 3.1 attack complexity”
- “What’s the difference between stored and reflected XSS?”
- “How does IDOR differ from broken access control?”
- “Explain the OWASP Top 10 2021 changes”
Chat Interface
Section titled “Chat Interface”Conversation View
Section titled “Conversation View”- Messages appear in chronological order
- AI responses are formatted with markdown
- Code blocks are syntax highlighted
- Links are clickable
Input Area
Section titled “Input Area”- Type questions in the text field
- Press Enter or click Send
- Supports multi-line input (Shift+Enter)
Conversation History
Section titled “Conversation History”- Conversations are saved
- Return to previous discussions
- Search past conversations
Tips for Better Responses
Section titled “Tips for Better Responses”Be Specific
Section titled “Be Specific”Better: “How do I configure CVSS temporal metrics for a finding that has a public exploit but no patch available?”
Less effective: “CVSS help”
Provide Context
Section titled “Provide Context”Better: “I found SQL injection in a healthcare application’s patient search feature. How should I describe the impact considering HIPAA requirements?”
Less effective: “Write SQL injection impact”
Ask Follow-ups
Section titled “Ask Follow-ups”Continue conversations for clarity:
- Ask initial question
- “Can you elaborate on point 2?”
- “What about in cloud environments?”
- “Give me an example”
Example Conversations
Section titled “Example Conversations”Finding Help
Section titled “Finding Help”You: How should I document a finding where default credentials are used on an internal network device?
AI: For a default credentials finding, document these key aspects:
**Title**: Default Credentials on [Device Type]
**Description**: - Device type and model - Default username/password used - Access level granted
**Impact**: - Unauthorized access risk - Potential lateral movement - Data exposure possibilities
**Remediation**: - Change default credentials immediately - Implement password policy - Consider privileged access management
**Evidence**: - Screenshot of successful login - Device configuration showing defaults
Would you like me to help with any specific section?Report Writing
Section titled “Report Writing”You: Help me write an executive summary for a penetration test that found 3 critical, 5 high, and 12 medium findings
AI: Here's a template executive summary:
---
## Executive Summary
[Company Name] engaged [Your Company] to perform a penetration test of [scope]. Testing was conducted from [date] to [date].
### Key Findings
The assessment identified **20 vulnerabilities**: - 3 Critical-severity issues requiring immediate attention - 5 High-severity issues requiring prompt remediation - 12 Medium-severity issues for planned remediation
### Critical Issues
The critical findings include: 1. [Brief description of critical 1] 2. [Brief description of critical 2] 3. [Brief description of critical 3]
These issues pose significant risk and should be addressed within [timeframe].
### Recommendations
We recommend prioritizing remediation of critical and high findings within 30 days...
---
Would you like me to adjust the tone or expand any section?Limitations
Section titled “Limitations”The AI Assistant:
- Cannot access external websites in real-time
- May not have latest CVE data (use CVE lookup instead)
- Cannot modify findings or data directly
- Provides guidance, not absolute answers
Privacy
Section titled “Privacy”Chat conversations:
- Stay within your tenant
- Are not used to train AI
- Can be deleted by you
- Follow same privacy as other data
Best Practices
Section titled “Best Practices”Use for Drafting
Section titled “Use for Drafting”- Get initial content from AI
- Review and refine
- Add your expertise
- Verify accuracy
Learn the Platform
Section titled “Learn the Platform”- Ask how-to questions
- Discover features
- Understand workflows
- Get tips and tricks
Improve Quality
Section titled “Improve Quality”- Ask for feedback on writing
- Get alternative phrasings
- Learn best practices
- Enhance documentation
Next: Explore Integrations