y0news

#security-operations News & Analysis

6 articles tagged with #security-operations. AI-curated summaries with sentiment analysis and key takeaways from 50+ sources.

AI · Bearish · arXiv – CS AI · 4d ago · 7/10

Uncovering Vulnerabilities of LLM-Assisted Cyber Threat Intelligence

Researchers present an empirical study revealing that Large Language Models struggle with cyber threat intelligence (CTI) tasks due to domain-specific vulnerabilities rather than generic AI failures. The study identifies three failure modes—spurious correlations, contradictory knowledge, and constrained generalization—and proposes targeted defenses to improve LLM reliability in security operations.

AI · Neutral · arXiv – CS AI · May 12 · 6/10

AI Native Asset Intelligence

Researchers introduce AI-native asset intelligence, a framework that structures fragmented security data across cloud environments to enable consistent, contextual prioritization of cybersecurity threats. The system combines asset modeling with intelligent scoring mechanisms that separate intrinsic exposure from business context, tested on 131,625 production resources across 15 vendors.

AI · Neutral · arXiv – CS AI · May 12 · 6/10

Governing AI-Assisted Security Operations: A Design Science Framework for Operational Decision Support

Researchers propose a design science framework for governing AI-assisted security operations in high-risk environments like Security Operations Centers (SOCs), emphasizing controlled deployment before scaling. The study uses Microsoft Azure and Kusto Query Language as a technical case study, developing governance mechanisms that separate AI planning from execution while maintaining accountability, privacy, and auditability.

AI · Neutral · arXiv – CS AI · Apr 14 · 6/10

Like a Hammer, It Can Build, It Can Break: Large Language Model Uses, Perceptions, and Adoption in Cybersecurity Operations on Reddit

A research study analyzing 892 Reddit posts from cybersecurity forums reveals how security practitioners currently use, perceive, and adopt large language models in Security Operations Centers. While practitioners leverage LLMs for productivity gains in low-risk tasks, significant concerns about reliability, verification overhead, and security risks prevent broader autonomous deployment in critical security operations.

AI · Bullish · arXiv – CS AI · Mar 3 · 6/10 · 7

LiaisonAgent: An Multi-Agent Framework for Autonomous Risk Investigation and Governance

Researchers introduce LiaisonAgent, an autonomous multi-agent cybersecurity system built on the QWQ-32B reasoning model that automates risk investigation and governance for Security Operations Centers. The system achieves a 97.8% success rate in tool-calling and 95% accuracy in risk judgment while reducing manual investigation overhead by 92.7%.

AI · Bullish · arXiv – CS AI · Feb 27 · 6/10 · 6

Towards Small Language Models for Security Query Generation in SOC Workflows

Researchers developed a three-stage framework using Small Language Models (SLMs) to automatically translate natural language queries into Kusto Query Language (KQL) for cybersecurity operations. The approach achieves high accuracy (98.7% syntax, 90.6% semantic) while reducing costs by up to 10x compared to GPT-4, potentially solving bottlenecks in Security Operations Centers.