AgentSOC: A Multi-Layer Agentic AI Framework for Security Operations Automation
Capture
- arXiv: 2604.20134
- DOI: https://doi.org/10.48550/arXiv.2604.20134
- Related DOI: https://doi.org/10.1109/ICAIC67076.2026.11395783
- Venue note: IEEE ICAIC 2026
- Submitted: 2026-04-22
- Source URL: https://arxiv.org/abs/2604.20134
Abstract Summary
AgentSOC proposes a multi-layer agentic AI framework for SOC automation. It normalizes alerts, enriches context, generates hypotheses, validates structural feasibility, and recommends policy-compliant responses. The paper reports a conceptual evaluation in a large enterprise setting and a minimal proof of concept on LANL authentication data.
Why It Matters For The Wiki
This source directly maps to Agentic SOC and safe response automation. It can help distinguish SOC agents that only summarize evidence from agents that plan and recommend containment actions under policy constraints.
Recommended Ingest Notes
- Extract layers, control boundaries, and claims about safe containment.
- Compare with RQ candidates around agentic SOC provenance, response safety, and bounded autonomy.