Skip to content
NEURO Documentation

AI Assistant Overview

AI Assistant Overview

Section titled “AI Assistant Overview”

NEURO integrates advanced AI capabilities to accelerate your security assessment workflow. From generating finding descriptions to providing intelligent recommendations, the AI Assistant helps you work faster while maintaining quality.

AI Capabilities

Section titled “AI Capabilities”

Finding Generation

Section titled “Finding Generation”

Automatically generate comprehensive finding documentation from just a title:

  • Technical descriptions
  • Impact statements
  • Remediation guidance
  • CVSS scoring suggestions
  • Reference links

CVE Intelligence

Section titled “CVE Intelligence”

Real-time CVE data lookup and enrichment:

  • NVD/MITRE integration
  • Automatic CVSS population
  • Official descriptions
  • Related CWE mapping

Content Enhancement

Section titled “Content Enhancement”

Improve existing content quality:

  • Description refinement
  • Remediation improvements
  • Consistency checking
  • Professional language

Chat Assistant

Section titled “Chat Assistant”

Interactive AI assistant for:

  • Question answering
  • Documentation help
  • Workflow guidance
  • Best practice suggestions

How It Works

Section titled “How It Works”

NEURO’s AI is powered by Claude, an advanced language model trained on security knowledge:

┌─────────────────┐     ┌─────────────────┐     ┌─────────────────┐
│   User Input    │────▶│  NEURO AI     │────▶│   Generated     │
│   (Title/CVE)   │     │   Processing    │     │    Content      │
└─────────────────┘     └─────────────────┘     └─────────────────┘
                               
                               
                        ┌─────────────────┐
                        │  CVE/NVD Data   │
                        │   Enrichment    │
                        └─────────────────┘

AI Features by Module

Section titled “AI Features by Module”
ModuleAI Features
FindingsGeneration, enhancement, CVE lookup
Content LibraryTemplate generation
ChatInteractive assistance
ReportsExecutive summary generation

Getting Started with AI

Section titled “Getting Started with AI”

Enable AI Features

Section titled “Enable AI Features”

AI features are enabled by default. To verify:

  1. Go to SettingsAI Settings
  2. Confirm AI features are toggled on
  3. Test with a new finding

First AI Generation

Section titled “First AI Generation”
  1. Navigate to Findings+ New Finding
  2. Enter a vulnerability title:
    • SQL Injection in login form
    • CVE-2024-1234
    • Missing HTTP Security Headers
  3. Click Generate with AI
  4. Review the generated content
  5. Edit as needed and save

AI Best Practices

Section titled “AI Best Practices”

Input Quality

Section titled “Input Quality”

Better inputs yield better outputs:

Good inputs:

  • “SQL Injection in user search functionality”
  • “CVE-2024-21351 - Windows SmartScreen Bypass”
  • “Insecure Direct Object Reference in API endpoint /api/users/{id}”

Less effective:

  • “SQL”
  • “vulnerability”
  • “security issue”

Review AI Output

Section titled “Review AI Output”

Always review AI-generated content:

  • Verify technical accuracy
  • Check relevance to your specific finding
  • Adjust CVSS for your context
  • Add specific evidence
  • Customize remediation

Combining AI with Expertise

Section titled “Combining AI with Expertise”

AI accelerates, but doesn’t replace expertise:

  1. Use AI for initial drafts
  2. Apply your security knowledge
  3. Add context-specific details
  4. Validate recommendations
  5. Include actual evidence

Data Privacy

Section titled “Data Privacy”

What’s Sent to AI

Section titled “What’s Sent to AI”

When using AI features:

  • Finding title/description
  • Generic context about the finding
  • No client names by default
  • No sensitive evidence data

What’s NOT Sent

Section titled “What’s NOT Sent”
  • Client identifiable information
  • IP addresses or hostnames
  • Screenshots or evidence files
  • Authentication credentials
  • Full project details

Data Handling

Section titled “Data Handling”
  • AI requests are encrypted in transit
  • No training on your data
  • Responses not stored by AI provider
  • Compliant with security standards

Limitations

Section titled “Limitations”

AI Limitations

Section titled “AI Limitations”

Be aware that AI:

  • May occasionally produce inaccurate information
  • Requires validation by security professionals
  • Can’t access real-time internet data
  • May not know very recent CVEs
  • Should not replace human judgment

When Not to Use AI

Section titled “When Not to Use AI”

Consider manual entry when:

  • Finding is highly specific/unique
  • Contains sensitive context
  • Requires exact technical precision
  • AI output seems incorrect

Troubleshooting

Section titled “Troubleshooting”

AI Not Responding

Section titled “AI Not Responding”

If AI features aren’t working:

  1. Check internet connectivity
  2. Verify AI is enabled in settings
  3. Try a simpler input
  4. Contact support if persistent

Poor Quality Output

Section titled “Poor Quality Output”

If output quality is low:

  1. Provide more specific input
  2. Include relevant context
  3. Try rephrasing the title
  4. Use CVE ID if available

Next: Learn about Finding Generation