Talos Takes

Listen, download, subscribe

Apple Podcasts

Spotify

Teaching LLMs to spot malicious PowerShell scripts

Hazel welcomes back Ryan Fetterman from the SURGe team to explore his new research on how large language models (LLMs) can assist those who work in security operations centers to identify malicious PowerShell scripts. From teaching LLMs through examples, to using retrieval-augmented generation and fine-tuning specialized models, Ryan walks us through three distinct approaches, with surprising performance gains. For the full research, head to https://www.splunk.com/en_us/blog/security/guiding-llms-with-security-context.html

• 

  The trust paradox: How attackers weaponize legitimate SaaS platforms

• 

  It's not you, it's your printer: State-sponsored and phishing threats in 2…

• 

  2025's ransomware trends and zombie vulnerabilities

• 

  Cybersecurity’s double-header: 2025 insights from Talos and Splunk

• 

  Modernizing your threat hunt

• 

  Holding the line: Service provider security

• 

  IR Trends Q4 2025: Ransomware chills and phishing heats up

• 

  Cracking the code: What encryption can (and can’t) do for you

• 

  Cybersecurity certifications and you

• 

  2015 vs 2025: What the Last Decade of Threats Taught Us

• 

  When You’re Told “No Budget”: The Blueprint for Staying Secure

• 

  How Attackers Use Your Own Tools Against You (IR trends Q3 2025)

• 

  Passwordless Security: Debunking the Biggest Myths

• 

  You Can't Patch Burnout: When Cybersecurity Takes a Toll

• 

  Tampered Chef: When Malvertising Serves Up Infostealers

• 

  Inside the Black Hat NOC: Lessons in Securing One of the Wildest Networks