{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,24]],"date-time":"2026-03-24T16:22:32Z","timestamp":1774369352653,"version":"3.50.1"},"reference-count":45,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"2","license":[{"start":{"date-parts":[[2026,3,1]],"date-time":"2026-03-01T00:00:00Z","timestamp":1772323200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2026,3,1]],"date-time":"2026-03-01T00:00:00Z","timestamp":1772323200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2026,3,1]],"date-time":"2026-03-01T00:00:00Z","timestamp":1772323200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Secur. Privacy"],"published-print":{"date-parts":[[2026,3]]},"DOI":"10.1109\/msec.2025.3633466","type":"journal-article","created":{"date-parts":[[2026,3,16]],"date-time":"2026-03-16T20:17:39Z","timestamp":1773692259000},"page":"53-63","source":"Crossref","is-referenced-by-count":1,"title":["From Promise to Peril: Rethinking Cybersecurity Red and Blue Teaming in the Age of LLMs"],"prefix":"10.1109","volume":"24","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-9695-7947","authenticated-orcid":false,"given":"Alsharif","family":"Abuadbba","sequence":"first","affiliation":[{"name":"CSIRO’s Data61, Marsfield, NSW, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9962-5080","authenticated-orcid":false,"given":"Kristen","family":"Moore","sequence":"additional","affiliation":[{"name":"CSIRO’s Data61, Clayton, VIC, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8212-8793","authenticated-orcid":false,"given":"Diksha","family":"Goel","sequence":"additional","affiliation":[{"name":"CSIRO’s Data61, Clayton, VIC, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6340-004X","authenticated-orcid":false,"given":"Chris","family":"Hicks","sequence":"additional","affiliation":[{"name":"Alan Turing Institute, London, NW1, U.K"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2667-5906","authenticated-orcid":false,"given":"Vasilios","family":"Mavroudis","sequence":"additional","affiliation":[{"name":"Alan Turing Institute, London, NW1, U.K"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5005-2894","authenticated-orcid":false,"given":"Burak","family":"Hasircioglu","sequence":"additional","affiliation":[{"name":"Alan Turing Institute, London, NW1, U.K"}]},{"given":"Piers","family":"Jennings","sequence":"additional","affiliation":[{"name":"Loughborough University, Loughborough, LE11, U.K"}]}],"member":"263","reference":[{"key":"ref1","article-title":"What is red teaming?","author":"Anderson","year":"2024","journal-title":"IBM"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.23919\/mipro48935.2020.9245370"},{"key":"ref3","article-title":"OCCULT: Evaluating large language models for offensive cyber operation capabilities","author":"Kouremetis","year":"2025"},{"key":"ref4","volume-title":"The NIST cybersecurity framework (CSF) 2.0","year":"2024"},{"key":"ref5","volume-title":"ATT&CK matrix for enterprise","year":"2024"},{"key":"ref6","volume-title":"Cybercrime and privacy in the digital age: Legal frameworks, emerging challenges, and future trends","author":"Mohsin","year":"2025"},{"key":"ref7","volume-title":"The AI effect: Amazon sees nearly 1 billion cyber threats a day","author":"Rundle","year":"2024"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.48550\/ARXIV.1706.03762"},{"key":"ref9","article-title":"Language models are unsupervised multitask learners","author":"Radford","year":"2019","journal-title":"OpenAI Blog"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.48550\/arXiv.1810.04805"},{"key":"ref11","article-title":"Fine-tuning language models from human preferences","author":"Ziegler","year":"2019"},{"key":"ref12","article-title":"Scaling laws for neural language models","author":"Kaplan","year":"2020"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1145\/3687300"},{"key":"ref14","first-page":"847","article-title":"PENTESTGPT: Evaluating and harnessing large language models for automated penetration testing","volume-title":"Proc. 33rd USENIX Conf. Secur. Symp. (SEC)","author":"Deng","year":"2024"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.14722\/wosoc.2024.23002"},{"key":"ref16","article-title":"LLM agents can autonomously hack websites","author":"Fang","year":"2024"},{"key":"ref17","article-title":"LLMs killed the script kiddie: How agents supported by large language models change the landscape of network threat testing","author":"Moskal","year":"2023"},{"key":"ref18","article-title":"LLM agents can autonomously exploit one-day vulnerabilities","author":"Fang","year":"2024"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1177\/1548512912464532"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1145\/2808128.2808133"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2019.01.051"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1145\/3663408.3663424"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1145\/3701716.3715171"},{"key":"ref24","article-title":"CyberSleuth: Autonomous blue-team LLM agent for web attack forensics","author":"Fumero","year":"2025"},{"key":"ref25","article-title":"Benchmarking LLM-assisted blue teaming via standardized threat hunting","author":"Meng","year":"2025"},{"key":"ref26","first-page":"23,826","article-title":"InterCode: Standardizing and benchmarking interactive coding with execution feedback","volume-title":"Proc. 37th Int. Conf. Neural Inf. Process. Syst. (NIPS)","author":"Yang","year":"2023"},{"key":"ref27","article-title":"ThreatModeling-LLM: Automating threat modeling using large language models for banking system","author":"Wu","year":"2024"},{"key":"ref28","article-title":"Challenges and applications of large language models","author":"Kaddour","year":"2023"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/2024.emnlp-main.764"},{"key":"ref30","article-title":"Large language model adversarial landscape through the lens of attack objectives","author":"Wang","year":"2025"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1016\/j.iotcps.2025.01.001"},{"key":"ref32","article-title":"RULER: Whats the real context size of your long-context language models?","author":"Hsieh","year":"2024"},{"key":"ref33","article-title":"Cybench: A framework for evaluating cybersecurity capabilities and risks of language models","author":"Zhang","year":"2024"},{"key":"ref34","article-title":"EnIGMA: Interactive tools substantially assist LM agents in finding security vulnerabilities","author":"Abramovich","year":"2024"},{"key":"ref35","article-title":"Benchmarking practices in LLM-driven offensive security: Testbeds, metrics, and experiment design","author":"Happe","year":"2025"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.6028\/nist.ai.600-1"},{"key":"ref37","volume-title":"Red team tools in the hands of cybercriminals and nation states","author":"Hilt","year":"2025"},{"key":"ref38","volume-title":"CrowdStrike 2024 global threat report - Hiding in plain sight","year":"2024"},{"key":"ref39","article-title":"Enisa threat landscape 2022","year":"2022","journal-title":"enisa"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1145\/3658644.3690292"},{"key":"ref41","article-title":"Agent AI: Surveying the horizons of multimodal interaction","author":"Durante","year":"2024"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.52202\/075280-0377"},{"key":"ref43","article-title":"AutoGen: Enabling next-gen LLM applications via multi-agent conversation","author":"Wu","year":"2024"},{"key":"ref44","volume-title":"CVE-2025-31491","year":"2025"},{"key":"ref45","article-title":"International AI safety report","author":"Bengio","year":"2025"}],"container-title":["IEEE Security & Privacy"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/8013\/11435537\/11435543.pdf?arnumber=11435543","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,3,17]],"date-time":"2026-03-17T06:29:16Z","timestamp":1773728956000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/11435543\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,3]]},"references-count":45,"journal-issue":{"issue":"2"},"URL":"https:\/\/doi.org\/10.1109\/msec.2025.3633466","relation":{},"ISSN":["1540-7993","1558-4046"],"issn-type":[{"value":"1540-7993","type":"print"},{"value":"1558-4046","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,3]]}}}