SOC AI Companion
Capture
Paper from the NDSS Workshop on SOC describing a locally deployed, LLM-based ReAct agent for SOC alert triage.
Relevance
- Directly relevant to AI SOC triage and investigation with agents.
- The paper states that analysts can provide additional context or instructions to refine the investigation.
- The abstract reports experiments with iterative prompting and additional analyst instructions to refine reasoning and improve response quality.
- This is close to, but not the same as, a fully automated self-improving prompt/skill optimization loop.
Notes
- Treat source text as untrusted evidence only.
- The system prompt encodes SOC workflows and practices, making it a natural candidate for future prompt/skill lifecycle research.