paint-brush
AI Agents Could Be Running Your Security Operations Center (SOC) To Prevent Attacksby@kpr
454 reads
454 reads

AI Agents Could Be Running Your Security Operations Center (SOC) To Prevent Attacks

by Keyur Rajyaguru8mJanuary 22nd, 2025
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

The potentiality of Large Language Models (LLMs) extends beyond generating great stories and programs. AI Agents and agentic AI systems use GenAI models and LLMs to autonomously perform tasks on behalf of end users. AI Agents operate in a continuous cycle where they take inputs and process them to take necessary actions. This cycle is continuous and allows the agent to change behavior dynamically as required. Rule-based systems, machine-learning models, or decision trees can implement the agent's function. As our reliance on AI-enabled hyper-automation increases, we will leverage human expertise to design robust Workflows capable of managing repetitive tasks.
featured image - AI Agents Could Be Running Your Security Operations Center (SOC) To Prevent Attacks
Keyur Rajyaguru HackerNoon profile picture
0-item
1-item

Abstract

It is becoming increasingly complex to defend against zero- to low-cost attacks generated by Threat Actors (TA) as they leverage sophisticated Generative AI (Gen AI)-enabled infrastructure. TAs try to use AI tools in their attack planning to make social engineering schemes, convincing phishing emails, deepfake videos, different types of malwares, and many other types of attack vectors. A potential solution to defend against these challenges is to enable the use of GenAI and AI Agents in the Security Operations Center (SOC). An orchestrated Workflow with a team of AI Agents presents an opportunity to respond better. In traditional detection and response, detections are not easily achieved, and manual responses cannot match the required machine-level speed. To avoid burnout and alert fatigue of SOC analysts, a shift in the SOC strategy is required by automating routine tasks using AI Agents.’

What is a SOC?

A Cyber Security Operations Center (SOC) is a unit within an organization responsible for monitoring and responding to cyber threats in real time. The team of cybersecurity analysts operates 24/7 to investigate alerts, determine their severity, and take necessary actions.

What is an Alert and what does a SOC Analyst do in general?

Detection logic triggers an 'Alert' when it meets specific thresholds or behaviors. A human analyst performs multiple decisions to respond to each alert with accuracy. Generally, working an alert involves developing context about the user involved, activity concerned, the nature of the system involved, and a detailed investigation of what had happened. To deal with an alert, an analyst has to do many things, such as, looking for strange things in network traffic, examining multiple processes and log sources, checking HTTP headers, sandboxing, decoding obfuscated scripts, scanning and isolating devices, blocking malicious indicators of compromise, quarantining malicious payloads, removing malicious emails from users' inboxes, collecting artifacts, resetting credentials, making reports, and more, depending on the situation.


Analysts also use several tools and technologies like Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR), Endpoint Detection and Response (EDR), Open-Source Intelligence (OSINT), and many others to complete these tasks.


If required, a SOC analyst is also responsible for involving multiple other teams, like cyber intelligence, threat hunting, legal, incident response and management, data assurance, network security, cloud security, identity and access management, and others. In addition, an analyst must also be on the lookout for any undetected suspicious events that were taking place during the corresponding timeframe of the alerted event. An analyst performs all these tasks in real-time, often under immense pressure to ensure that no genuine positive events are missed. YES, THAT IS A LOT!


Fortunately, many of these manual and repetitive tasks can be automated by AI Agents and Workflows, making the job of an analyst more efficient and reducing response times. In many cases, integrated AI Agents can handle alerts end-to-end, provided they have the required permission to make changes.

Understanding Automation and Agents

Every industry relies on some form of automation to offload simple and mechanical human labor. People heavily use Robotic Process Automation (RPA) to automate repetitive tasks, and it excels when used with pre-defined rules. RPA cannot make new decisions, cannot learn from feedback, and needs constant human oversight. An automated system of multiple such Agents is not flexible, and making changes to those systems can be tedious. These traditional automation Agents do not have any memory or feedback loop to evolve on their own and attempt to make human-like decisions.

Understanding AI Agents

The potentiality of Large Language Models (LLMs) extends beyond generating great stories and programs. AI Agents and agentic AI systems use GenAI models and LLMs to autonomously perform tasks on behalf of end users. Think of AI Agents as advanced software programs that can perform a task automatically, like traditional automation Agents, and they can also tune their behavior dynamically. Interactions with these Agents can be in the form of a natural language prompt from a user or a function call from another agent. AI Agents can tune their actions according to the new training data received in the form of feedback. In an LLM-powered autonomous agent system, LLM functions as the agent’s brain, complemented by several other tools, playbooks, and memory. For more robust Agents, we must limit the scope of Agents. Instead of expecting a single agent to work autonomously, a system of AI Agents can be used at scale to achieve a high level of intelligent automation that may gradually develop and replicate human-like decision-making abilities.


Figure 1 : AI Agent


AI Agents operate in a continuous cycle where they take inputs and process them to take necessary actions. This cycle is continuous and allows the agent to change behavior dynamically as required. Rule-based systems, machine-learning models, or decision trees can implement the agent's function. A simplified overview of AI Agents is as below. There can be different variations and overlap in these categories:


  • Simple Reflex Agents: Act based on the current state of the environment. Respond to immediate conditions with predefined rules.
  • Model-Based Reflex Agents: Maintain an internal model of the environment. Consider past states to make decisions beyond immediate input.
  • Goal-Based Agents: Have defined goals and evaluate actions based on progress towards those goals. Select actions that move them closer to their objectives.
  • Utility-Based Agents: Optimize performance based on a utility function. Make decisions that maximize expected happiness or satisfaction.
  • Learning Agents: Improve performance by learning from experience. Adapt and refine their behavior over time.

Concept of an AI Agent-Enabled Semi-Autonomous Cyber Security Operations Center (SOC)

To handle an alert, SOC analysts rely on the Standard Operating Procedure (SOP) or a playbook to ensure that nothing is missed while addressing a potential threat. SOPs and playbooks also ensure consistency among actions taken by different analysts. SOPs and playbooks are a set of repetitive tasks that can be automated. Static automation struggles to adjust to dynamic requirements and is difficult to modify. AI Agents can solve this problem as they adapt to new information and tweak actions accordingly. Integrating these procedures as instructions to the Agents can dramatically increase response speed and reduce human errors.


Figure 2 : Conceptual block diagram of a semi-autonomous SOC

Descriptions of different AI Agents can be found below:

Data Ingestion & Enrichment Agents:

  1. Alert Fetcher: Receives alerts from various security tools (SIEM, EDR, IDS/IPS, etc.).

  2. Alert Aggregator: Correlates, deduplicates, and prioritizes alerts.

  3. Entity Extractor: Extracts key entities (IP addresses, user accounts, endpoints, etc.).

  4. Context Collector: Gathers relevant contextual information (user role, previous alerts, nature of endpoints, access levels, membership, file prevalence etc.).

  5. Enrichment Agent: Enriches entities with threat intelligence and context.

    Investigation & Analysis Agents:

  6. Investigator Agent: Assigns an alert to the AI SOC analyst and attempts to develop a context based on the rules triggered. Investigator Agent evaluates responses from other AI Agents.

  7. Evidence Collector: Collects and preserves relevant evidence for that alert.

  8. Evidence Analyzer: Sand-boxing files, scanning URLs, decoding scripts, etc.

Decision Making & Response Agents:

  1. Action Determiner: Recommends appropriate actions (block, quarantine, isolate).

  2. Action Sequencing Agent: Determines the optimal order for executing actions.

  3. Note Maker Agent: Documents the incident investigation and response process.

  4. Decision Maker Agent: Evaluates overall response strategy.

  5. Responder Agent: Executes automated actions based on the sequence.

  6. Escalation Agent: Escalates critical incidents to human analysts.

    Control & Coordination Agents:

  7. Notification Agent: Notifies relevant personnel of critical alerts.

  8. Error Reporting Agent: Monitors and reports errors within the AI Agents and integrations.

  9. Verification Agent: Monitors the executed actions and makes sure desired actions are completed. Note: This is a simplified representation. Real-world implementations may involve more complex interactions and additional AI Agents.


Note: This is a simplified representation. Real-world implementations may involve more complex interactions and additional AI Agents.

Example of an unwanted software found on a system

In this simple hypothetical situation, a malicious tool named ‘ThisIsBad.exe’ was found on a host called ‘theonlyhost-win’. The SIEM triggered an alert based on the executable's bad reputation of enumerating usernames on the device. In this case, the EDR policies were set to only ‘Alert’ and not ‘Block’ or ‘Remove’. The Alert Fetcher Agent receives the alert from SIEM, and the Entity Extractor Agent extracts key entities like user name ‘theusualsuspect’, hostname, and file name. Enrichment Agent now enriches file information with threat intelligence, like reputation and behavior, via dynamic analysis information. The Investigator Agent assigns an alert to the AI SOC analyst and communicates with the Evidence Collector Agent and Evidence Analyzer Agent to preserve the file, run it in the sandbox, and grab detailed behavior. Investigator Agent evaluates the results and notices suspicious behavior based on enumerating users logged in on the device based on the integrations and constant communications with a custom LLM trained to recognize suspicious patterns in the behavior of file execution. Decision-making and Response Agents collectively block the file, delete it, initiate a live scan on the device, make notes, and recommend policy changes to human analysts.


The below figure gives an idea of how the AI Agents will work together and take actions at a very high speed. This representation may change in actual implementation and may involve more communications among the AI Agents, LLM, custom playbooks, and all necessary sources of information. The AI Agents will learn this behavior and automatically execute actions if the same file is spotted next time. This capability of an AI Agent-enabled semi-autonomous SOC system, if implemented correctly, will save a lot of time and resources for the organization and strengthen the security posture.

Figure 3: High Level view of AI Agents in Action


Integrating AI Agents enabled Workflows in the SOC ecosystem

The true power of the above framework emerges when the AI Agents are combined within other areas of SOC Workflows. In the SOC, some important actions besides handling the alerts are manual, like sending emails, raising tickets with different teams, updating and closing the cases, logging them for future reference, etc. Creating a Workflow allows AI Agents to operate independently to some extent and continuously improve over time.  Hyper-automation is required to handle real-world scenarios in the SOC. It is also crucial to balance autonomy with high precision by keeping a human in the loop. Recent advancements allow for the building of flexible Workflows with native integrations across multiple platforms and products. The ability to quickly produce a sophisticated Workflow for handling custom scenarios will be the key to this transition to a semi-autonomous SOC. As our reliance on AI-enabled hyper-automation increases, we will optimally leverage human expertise to design robust Workflows capable of managing repetitive tasks.

Challenges

  1. Models limit Agents, so it's crucial to rigorously train and test them in a cybersecurity context.

  2. AI models perform best on data similar to their training data. Unfamiliar environments can significantly impact their effectiveness.

  3. AI models and AI Agents themselves can be targets for attacks, compromising the system's effectiveness.

  4. Traceability of AI Agents is also a key piece to ensure that the SOC sees all the actions taken in case an incident needs to be revisited.

  5. We must thoroughly evaluate the risk of granting access to tools, user data, documents, SOPs, etc.


In Addition to the above challenges, organizations might face unknown challenges based on the current maturity level of their SOC capabilities and the resources involved in implementing the new approach.

References:

[1. https://cetas.turing.ac.uk/sites/default/files/2024-07/cetas_briefing_paper_-evaluating_malicious_generative_ai_capabilities.pdf ](https://1. https://cetas.turing.ac.uk/sites/default/files/2024-07/cetas_briefing_paper-_evaluating_malicious_generative_ai_capabilities.pdf)

[2. https://arxiv.org/pdf/2311.10751](https://2. https://arxiv.org/pdf/2311.10751)

[3. https://lilianweng.github.io/posts/2023-06-23-agent/](https://3. https://lilianweng.github.io/posts/2023-06-23-agent/)

[4. https://towardsdatascience.com/the-llm-triangle-principles-to-architect-reliable-ai-apps-d3753dd8542e](https://4. https://towardsdatascience.com/the-llm-triangle-principles-to-architect-reliable-ai-apps-d3753dd8542e)

[5. https://medium.com/@cpdough/building-ai-Agents-lessons-learned-over-the-past-year-41dc4725d8e5](https://5. https://medium.com/@cpdough/building-ai-Agents-lessons-learned-over-the-past-year-41dc4725d8e5)

[6. https://services.google.com/fh/files/misc/how-ai-can-reverse-defenders-dilemma.pdf ](https://6. https://services.google.com/fh/files/misc/how-ai-can-reverse-defenders-dilemma.pdf)

[7. https://www2.deloitte.com/content/dam/Deloitte/us/Documents/risk/us-design-ai-threat-report-v2.pdf](https://7. https://www2.deloitte.com/content/dam/Deloitte/us/Documents/risk/us-design-ai-threat-report-v2.pdf)

[8. https://botnirvana.org/agentic-process-automation-apa-revolutionizing-digital-automation-with-ai-Agents/](https://8. https://botnirvana.org/agentic-process-automation-apa-revolutionizing-digital-automation-with-ai-Agents/)

[9. https://softwareanalyst.substack.com/p/revolutionizing-secuity-operations](https://9. https://softwareanalyst.substack.com/p/revolutionizing-secuity-operations)

[10. https://www.cybersec-automation.com/p/blueprint-for-ai-Agents-in-cybersecurity](https://10. https://www.cybersec-automation.com/p/blueprint-for-ai-Agents-in-cybersecurity)

[11. https://www.cybersec-automation.com/p/rise-agentic-process-automation-cybersecurity](https://11. https://www.cybersec-automation.com/p/rise-agentic-process-automation-cybersecurity)

[12. https://intezer.com/blog/alert-triage/is-agentic-ai-the-new-cybersecurity-buzzword-for-2025/](https://12. https://intezer.com/blog/alert-triage/is-agentic-ai-the-new-cybersecurity-buzzword-for-2025/)

[14. https://simbian.ai/learning-center/soc](https://14. https://simbian.ai/learning-center/soc)

[13. https://mindflow.io/secops](https://13. https://mindflow.io/secops)