{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,30]],"date-time":"2026-06-30T00:06:55Z","timestamp":1782778015097,"version":"3.54.5"},"reference-count":83,"publisher":"MDPI AG","issue":"5","license":[{"start":{"date-parts":[[2025,4,29]],"date-time":"2025-04-29T00:00:00Z","timestamp":1745884800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"MSIT (Ministry of Science and ICT), Korea","award":["RS-2020-II201797"],"award-info":[{"award-number":["RS-2020-II201797"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Information"],"abstract":"<jats:p>The evolving landscape of cybersecurity threats demands the modernization of Security Operations Centers (SOCs) to enhance threat detection, response, and mitigation. Security Orchestration, Automation, and Response (SOAR) platforms play a crucial role in addressing operational inefficiencies; however, traditional no-code SOAR solutions face significant limitations, including restricted flexibility, scalability challenges, inadequate support for advanced logic, and difficulties in managing large playbooks. These constraints hinder effective automation, reduce adaptability, and underutilize analysts\u2019 technical expertise, underscoring the need for more sophisticated solutions. To address these challenges, we propose a hyper-automation SOAR platform powered by agentic-LLM, leveraging Large Language Models (LLMs) to optimize automation workflows. This approach shifts from rigid no-code playbooks to AI-generated code, providing a more flexible and scalable alternative while reducing operational complexity. Additionally, we introduce the IVAM framework, comprising three critical stages: (1) Investigation, structuring incident response into actionable steps based on tailored recommendations, (2) Validation, ensuring the accuracy and effectiveness of executed actions, (3) Active Monitoring, providing continuous oversight. By integrating AI-driven automation with the IVAM framework, our solution enhances investigation quality, improves response accuracy, and increases SOC efficiency in addressing modern cybersecurity threats.<\/jats:p>","DOI":"10.3390\/info16050365","type":"journal-article","created":{"date-parts":[[2025,4,30]],"date-time":"2025-04-30T05:50:17Z","timestamp":1745992217000},"page":"365","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":29,"title":["Toward Robust Security Orchestration and Automated Response in Security Operations Centers with a Hyper-Automation Approach Using Agentic Artificial Intelligence"],"prefix":"10.3390","volume":"16","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-1131-6011","authenticated-orcid":false,"family":"Ismail","sequence":"first","affiliation":[{"name":"School of Computer Science and Engineering, Pusan National University, Busan 46241, Republic of Korea"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-7820-9149","authenticated-orcid":false,"given":"Rahmat","family":"Kurnia","sequence":"additional","affiliation":[{"name":"SmartM2M. Co., Ltd., 701, 702, Building A, Centum Skybiz, 97 Centumjungang-ro, Haeundae-gu, Busan 48058, Republic of Korea"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Zilmas Arjuna","family":"Brata","sequence":"additional","affiliation":[{"name":"SmartM2M. Co., Ltd., 701, 702, Building A, Centum Skybiz, 97 Centumjungang-ro, Haeundae-gu, Busan 48058, Republic of Korea"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Ghitha Afina","family":"Nelistiani","sequence":"additional","affiliation":[{"name":"SmartM2M. Co., Ltd., 701, 702, Building A, Centum Skybiz, 97 Centumjungang-ro, Haeundae-gu, Busan 48058, Republic of Korea"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5481-5550","authenticated-orcid":false,"given":"Shinwook","family":"Heo","sequence":"additional","affiliation":[{"name":"SmartM2M. Co., Ltd., 701, 702, Building A, Centum Skybiz, 97 Centumjungang-ro, Haeundae-gu, Busan 48058, Republic of Korea"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Hyeongon","family":"Kim","sequence":"additional","affiliation":[{"name":"SmartM2M. Co., Ltd., 701, 702, Building A, Centum Skybiz, 97 Centumjungang-ro, Haeundae-gu, Busan 48058, Republic of Korea"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8475-7294","authenticated-orcid":false,"given":"Howon","family":"Kim","sequence":"additional","affiliation":[{"name":"School of Computer Science and Engineering, Pusan National University, Busan 46241, Republic of Korea"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"1968","published-online":{"date-parts":[[2025,4,29]]},"reference":[{"key":"ref_1","unstructured":"Crowley, C., and Pescatore, J. (2025, February 12). Common and Best Practices for Security Operations Centers: Results of the 2019 SOC Survey. SANS Institute Information Security Reading Room. Available online: https:\/\/www.sans.org\/media\/analyst-program\/common-practices-security-operations-centers-results-2019-soc-survey-39060.pdf."},{"key":"ref_2","unstructured":"Threat Intelligence Team (2025, January 07). Accelerate Incident Response with SOAR. Threat Intelligence Blog. Available online: https:\/\/www.threatintelligence.com\/blog\/soar-incident-response."},{"key":"ref_3","unstructured":"CREST (2025, January 07). CREST Launches Comprehensive White Paper on Maximising SOAR in the SOC\u2014Global Security Mag Online. Global Security Magazine Online, Available online: https:\/\/www.globalsecuritymag.com\/crest-launches-comprehensive-white-paper-on-maximising-soar-in-the-soc.html."},{"key":"ref_4","unstructured":"Logic, S. (2025, January 07). How SOAR Can Foster Efficient SecOps in Modern SOCs|Sumo Logic. Sumo Logic Blog. Available online: https:\/\/www.sumologic.com\/blog\/how-soar-can-foster-efficient-secops-in-modern-socs\/."},{"key":"ref_5","unstructured":"Securaa (2025, January 07). SOAR: Revolutionizing Security Operations Centers (SOC) Teams-Securaa. Securaa Blog. Available online: https:\/\/securaa.io\/soar-revolutionizing-security-operations-centers-soc-teams\/."},{"key":"ref_6","unstructured":"Rapid7 (2025, January 07). Automating Threat Hunting with SOAR for Faster Response Times|Rapid7 Blog. Rapid7 Blog. Available online: https:\/\/www.rapid7.com\/blog\/post\/2019\/07\/29\/how-to-automate-threat-hunting-with-soar-for-faster-response-times\/."},{"key":"ref_7","unstructured":"D3 Security (2025, January 07). How Smart SOAR Automates Threat Hunting|D3 Security. D3 Security Blog. Available online: https:\/\/d3security.com\/blog\/how-smart-soar-automates-threat-hunting\/."},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Ferrara, A.L., and Krishnan, R. (2024). Optimal Automated Generation of Playbooks. Data and Applications Security and Privacy XXXVIII: Proceedings of the 38th Annual IFIP WG 11.3 Conference, DBSec 2024, San Jose, CA, USA, 15\u201317 July 2024, Springer Nature.","DOI":"10.1007\/978-3-031-65172-4"},{"key":"ref_9","unstructured":"Jansen, A., Malavolta, I., Muccini, H., Ozkaya, I., and Zimmermann, O. (2020, January 16\u201320). Architecture-Centric Support for Integrating Security Tools in a Security Orchestration Platform. Proceedings of the Software Architecture, Salvador, Brazil."},{"key":"ref_10","unstructured":"Zhang, Y., Li, X., and Wang, M. (2020, January 15\u201317). Playbook-Centric Scalable SOAR System Architecture. Proceedings of the 2020 International Conference on Cyber Security and Protection of Digital Services (Cyber Security 2020), Dublin, Ireland."},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"388","DOI":"10.3390\/jcp4030020","article-title":"Humans and Automation: Augmenting Security Operation Centers","volume":"4","author":"Tilbury","year":"2024","journal-title":"J. Cybersecur. Priv."},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"465343","DOI":"10.1016\/j.chroma.2024.465343","article-title":"Concept of flexible no-code automation for complex sample preparation procedures","volume":"1736","author":"Kochale","year":"2024","journal-title":"J. Chromatogr. A"},{"key":"ref_13","first-page":"199","article-title":"Novel Architecture of Security Orchestration, Automation and Response in Internet of Blended Environment","volume":"73","author":"Lee","year":"2022","journal-title":"Comput. Mater. Contin."},{"key":"ref_14","unstructured":"Tyagi, A. (2025, January 11). Enterprise Risk Management: Benefits and Challenges. Available online: https:\/\/ssrn.com\/abstract=3748267."},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1057\/rm.2009.1","article-title":"The changing nature of risk and risk management: The challenge of borders, uncertainty and resilience","volume":"11","author":"Smith","year":"2009","journal-title":"Risk Manag."},{"key":"ref_16","unstructured":"Luxoft (2025, January 13). Transforming Regulatory and GRC with Low-Code Automation Technologies|Luxoft Blog. Luxoft Blog. Available online: https:\/\/www.luxoft.com\/blog\/transforming-regulatory-and-grc-with-low-code-automation-technologies."},{"key":"ref_17","unstructured":"Quantzig (2025, January 13). Top Benefits of Low-Code Platforms That Transforms Your Business in 2025. Quantzig Blog. Available online: https:\/\/www.quantzig.com\/low-code-no-code-platform\/top-benefits-of-low-code-platforms."},{"key":"ref_18","unstructured":"Technology, B. (2025, January 13). Low-Code Development: A Comprehensive Guide for 2025. Bacancy Technology Blog. Available online: https:\/\/www.bacancytechnology.com\/blog\/low-code-development."},{"key":"ref_19","unstructured":"Intelliconnectq (2025, January 13). Low-Code Platforms for Optimizing Operational Costs. Intelliconnectq Blog. Available online: https:\/\/intelliconnectq.com\/blog\/low-code-platforms-for-optimizing-operational-costs."},{"key":"ref_20","unstructured":"Sido, N., Emon, E.A., Ahmed, E., Supervisor, E., and Falch, M. (2024). Low\/No Code Development and Generative AI. [Bachelor\u2019s Thesis, Aalborg University]. Available online: https:\/\/vbn.aau.dk\/ws\/files\/717521040\/LowNOCode__GenAI.pdf."},{"key":"ref_21","unstructured":"Desmond, M., Duesterwald, E., Isahagian, V., and Muthusamy, V. (2022). A No-Code Low-Code Paradigm for Authoring Business Automations Using Natural Language. arXiv."},{"key":"ref_22","unstructured":"Rajput, A.S., and Professor, R.G.A. (2023). Hyper-automation-The next peripheral for automation in IT industries. arXiv."},{"key":"ref_23","unstructured":"Quargnali, G. (2023). Low-Code\/No-Code Development and Generative AI: Opportunities and Challenges. [Bachelor\u2019s Thesis, Haaga-Helia University of Applied Sciences]. Available online: https:\/\/www.theseus.fi\/bitstream\/handle\/10024\/751688\/Quargnali_Giovanni.pdf."},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"339","DOI":"10.1007\/s12525-021-00519-7","article-title":"Cognitive automation","volume":"32","author":"Engel","year":"2022","journal-title":"Electron. Mark."},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"94","DOI":"10.1177\/02683962231185599","article-title":"Stairway to heaven or highway to hell: A model for assessing cognitive automation use cases","volume":"39","author":"Engel","year":"2024","journal-title":"J. Inf. Technol."},{"key":"ref_26","unstructured":"Akande, A. (2024). The Psychology of Automation and Artificial Intelligence atWork: Exploring Four Fantasies and Their Leadership Implications. Power, Politics and Influence: Exercising Followership, Leadership, and Practicing Politics, Springer Nature."},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1007\/s10845-023-02265-3","article-title":"Hyper-automation in manufacturing industry","volume":"35","author":"Kusiak","year":"2024","journal-title":"J. Intell. Manuf."},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"98204","DOI":"10.1109\/ACCESS.2022.3205623","article-title":"Sustainable Hyperautomation in High-Tech Manufacturing Industries: A Case of Linear Electromechanical Actuators","volume":"10","author":"Fedosovsky","year":"2022","journal-title":"IEEE Access"},{"key":"ref_29","unstructured":"SANS Institute (2020). SANS 2020 MITRE ATT&CK Whitepaper, SANS Institute. Available online: https:\/\/www.sans.org\/media\/vendor\/SANS-2020-MITRE-ATT&CK-Whitepaper-Sell-Sheet.pdf."},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"Bartwal, U., Mukhopadhyay, S., Negi, R., and Shukla, S. (2022). Security Orchestration, Automation and Response Engine for Deployment of Behavioural Honeypots. arXiv.","DOI":"10.1109\/DSC54232.2022.9888808"},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"528","DOI":"10.32604\/iasc.2021.016240","article-title":"AI\/ML in Security Orchestration, Automation and Response: Future Research Directions","volume":"28","author":"Kinyua","year":"2021","journal-title":"Intell. Autom. Soft Comput."},{"key":"ref_32","unstructured":"SANS Institute (2025). Incident Response Cycle, SANS Institute. Available online: https:\/\/www.sans.org\/media\/score\/504-incident-response-cycle.pdf."},{"key":"ref_33","doi-asserted-by":"crossref","unstructured":"Fysarakis, K., Lekidis, A., Mavroeidis, V., Lampropoulos, K., Lyberopoulos, G., Vidal, I.G.M., Ter\u00e9s i Casals, J.C., Luna, E.R., Moreno Sancho, A.A., and Mavrelos, A. (August, January 31). PHOENI2X\u2014A European Cyber Resilience Framework With Artificial-Intelligence-Assisted Orchestration, Automation & Response Capabilities for Business Continuity and Recovery, Incident Response, and Information Exchange. Proceedings of the 2023 IEEE International Conference on Cyber Security and Resilience (CSR), Venice, Italy.","DOI":"10.1109\/CSR57506.2023.10224995"},{"key":"ref_34","unstructured":"Kremer, R., Wudali, P.N., Momiyama, S., Araki, T., Furukawa, J., Elovici, Y., and Shabtai, A. (2023). IC-SECURE: Intelligent System for Assisting Security Experts in Generating Playbooks for Automated Incident Response. arXiv."},{"key":"ref_35","doi-asserted-by":"crossref","unstructured":"Sworna, Z.T., Islam, C., and Babar, M.A. (2022). APIRO: A Framework for Automated Security Tools API Recommendation. arXiv.","DOI":"10.1145\/3512768"},{"key":"ref_36","unstructured":"Valencia, L.J. (2024). Artificial Intelligence as the New Hacker: Developing Agents for Offensive Security. [Master\u2019s Thesis, New Mexico Institute of Mining and Technology]."},{"key":"ref_37","doi-asserted-by":"crossref","unstructured":"Oesch, S., Hutchins, J., Austria, P., and Chaulagain, A. (2025). Agentic AI and the Cyber Arms Race. IEEE Comput. Mag. Cybertrust Column, To be published.","DOI":"10.1109\/MC.2025.3544116"},{"key":"ref_38","unstructured":"Khan, R., Sarkar, S., Mahata, S.K., and Jose, E. (2024). Security Threats in Agentic AI System. arXiv."},{"key":"ref_39","unstructured":"Kaheh, M., Kholgh, D.K., and Kostakos, P. (2023). Cyber Sentinel: Exploring Conversational Agents\u2019 Role in Streamlining Security Tasks with GPT-4. arXiv."},{"key":"ref_40","unstructured":"Infrastructure Security Agency (2025, January 08). CISA|Defend Today, Secure Tomorrow. CISA Website, Available online: https:\/\/www.cisa.gov\/sites\/default\/files\/publications\/Incident-Response-Plan-Basics_508c.pdf."},{"key":"ref_41","unstructured":"(2018). Framework for Improving Critical Infrastructure Cybersecurity, American\u2019s Cyber Defense Agency. Version 1.1."},{"key":"ref_42","unstructured":"Strom, B.E., Applebaum, A., Miller, D.P., Nickels, K.C., Pennington, A.G., and Thomas, C.B. (2025, January 08). MITRE ATT&CK\u00ae: Design and Philosophy, Available online: https:\/\/attack.mitre.org\/docs\/ATTACK_Design_and_Philosophy_March_2020.pdf."},{"key":"ref_43","doi-asserted-by":"crossref","first-page":"100328","DOI":"10.1016\/j.dajour.2023.100328","article-title":"Cybersecurity risk quantification and classification framework for informed risk mitigation decisions","volume":"9","author":"Zadeh","year":"2023","journal-title":"Decis. Anal. J."},{"key":"ref_44","doi-asserted-by":"crossref","unstructured":"Quinn, S., Ivy, N., Barrett, M., Witte, G., and Gardner, R.K. (2022). NISTIR 8286B: Prioritizing Cybersecurity Risk for Enterprise Risk Management, National Institute of Standards and Technology (NIST). Technical Report 8286B.","DOI":"10.6028\/NIST.IR.8286B"},{"key":"ref_45","doi-asserted-by":"crossref","unstructured":"Algarni, A.M., and Malaiya, Y.K. (2016, January 7\u20138). A consolidated approach for estimation of data security breach costs. Proceedings of the 2016 2nd International Conference on Information Management, (ICIM), London, UK.","DOI":"10.1109\/INFOMAN.2016.7477530"},{"key":"ref_46","doi-asserted-by":"crossref","first-page":"493","DOI":"10.1007\/s10207-020-00515-6","article-title":"A Quantitative Assessment of Security Risks Based on a Multifaceted Classification Approach","volume":"20","author":"Jouini","year":"2020","journal-title":"Springer J. Inf. Secur."},{"key":"ref_47","unstructured":"OpenAI (2025, February 06). GPT-4. Available online: https:\/\/openai.com\/product\/gpt-4."},{"key":"ref_48","unstructured":"Google (2025, February 06). Bard. Available online: https:\/\/bard.google.com\/."},{"key":"ref_49","unstructured":"Anthropic (2025, February 06). Claude. Available online: https:\/\/www.anthropic.com\/claude."},{"key":"ref_50","unstructured":"Meta AI (2025, February 06). LLaMA: Large Language Model Meta AI. Available online: https:\/\/ai.meta.com\/blog\/large-language-model-llama-meta-ai\/."},{"key":"ref_51","unstructured":"Cohere AI (2025, February 06). Command R: Retrieval-Augmented Generation Model. Available online: https:\/\/cohere.ai\/command."},{"key":"ref_52","unstructured":"Hugging Face BigScience (2025, February 06). BLOOM: BigScience Large Open-Science Open-Access Multilingual Language Model. Available online: https:\/\/huggingface.co\/bigscience\/bloom."},{"key":"ref_53","unstructured":"EleutherAI (2025, February 06). GPT-NeoX: A Large-Scale Autoregressive Language Model. Available online: https:\/\/github.com\/EleutherAI\/gpt-neox."},{"key":"ref_54","unstructured":"DeepSeek AI (2025, February 06). DeepSeek-R1. Available online: https:\/\/en.wikipedia.org\/wiki\/DeepSeek."},{"key":"ref_55","unstructured":"Alibaba DAMO Academy (2025, February 06). Qwen: Large Language Model by Alibaba. Available online: https:\/\/en.wikipedia.org\/wiki\/List_of_large_language_models."},{"key":"ref_56","first-page":"1877","article-title":"Language Models are Few-Shot Learners","volume":"33","author":"Brown","year":"2020","journal-title":"Adv. Neural Inf. Process. Syst."},{"key":"ref_57","unstructured":"Bommasani, R., Hudson, D.A., Adeli, E., Altman, R., Arora, S., von Arx, S., Bernstein, M.S., Bohg, J., Bosselut, A., and Brunskill, E. (2021). On the Opportunities and Risks of Foundation Models. arXiv."},{"key":"ref_58","unstructured":"Wei, J., Wang, X., Schuurmans, D., Bosma, M., Ichter, B., Xia, F., Chi, E., Le, Q., and Zhou, D. (2022). Chain-of-Thought Prompting Elicits Reasoning in Large Language Models. arXiv."},{"key":"ref_59","unstructured":"Qin, Y., Liang, S., Ye, Y., Zhu, K., Yan, L., Lu, Y., Lin, Y., Cong, X., Tang, X., and Qian, B. (2023). ToolLLM: Facilitating Large Language Models to Master 16000+ Real-world APIs. arXiv, 16789."},{"key":"ref_60","doi-asserted-by":"crossref","unstructured":"Nair, V., Schumacher, E., Tso, G., and Kannan, A. (2023). DERA: Enhancing Large Language Model Completions with Dialog-Enabled Resolving Agents. arXiv.","DOI":"10.18653\/v1\/2024.clinicalnlp-1.12"},{"key":"ref_61","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3548685","article-title":"Ethical AI in Autonomous Cybersecurity: Challenges and Opportunities","volume":"26","author":"Wang","year":"2023","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"ref_62","unstructured":"Wang, G., Lin, Z., Peng, J.B., Wu, Q., Lu, S., Gonzalez, J.E., Abbeel, P., and Zhou, D.S. (2023). Voyager: An Open-Ended Embodied Agent with Large Language Models. arXiv."},{"key":"ref_63","unstructured":"Ahn, M., Brohan, A., Chai, Y.H.H., Canny, J., Goldberg, K., McGrew, B., and Ichter, B. (2022). Can Large Language Models Be an Alternative to Robot Motion Planning?. arXiv."},{"key":"ref_64","doi-asserted-by":"crossref","unstructured":"Singh, S., Gupta, S., Thakur, A., and Saran, A. (2023). ProgPrompt: Generating Situated Robot Task Plans using Large Language Models. arXiv.","DOI":"10.1109\/ICRA48891.2023.10161317"},{"key":"ref_65","first-page":"45","article-title":"The AI cybersecurity revolution: Leveraging autonomous decision-making for proactive threat mitigation","volume":"10","author":"Mitchell","year":"2022","journal-title":"Cybersecur. J."},{"key":"ref_66","unstructured":"Arsanjani, M.S. (2025, February 12). The Anatomy of Agentic AI. Medium, Available online: https:\/\/dr-arsanjani.medium.com\/the-anatomy-of-agentic-ai-0ae7d243d13c."},{"key":"ref_67","first-page":"112","article-title":"AI-driven cybersecurity orchestration: From predictive analytics to automated defenses","volume":"8","author":"Singh","year":"2023","journal-title":"J. Artif. Intell. Cybersecur."},{"key":"ref_68","doi-asserted-by":"crossref","unstructured":"Zacharewicz, G., Chen, D., and Vallespir, B. (2009, January 21\u201322). Short-Lived Ontology Approach for Agent\/HLA Federated Enterprise Interoperability. Proceedings of the 2009 International Conference on Interoperability for Enterprise Software and Applications, Beijing, China.","DOI":"10.1109\/I-ESA.2009.27"},{"key":"ref_69","unstructured":"Paul, S., Alemi, F., and Macwan, R. (2025). LLM-Assisted Proactive Threat Intelligence for Automated Reasoning. arXiv, Available online: https:\/\/arxiv.org\/abs\/2504.00428."},{"key":"ref_70","first-page":"189","article-title":"AI-driven Vulnerability Assessment: Automating Risk Identification and Mitigation","volume":"5","author":"Zhou","year":"2022","journal-title":"J. Mach. Learn. Secur."},{"key":"ref_71","doi-asserted-by":"crossref","unstructured":"Radanliev, P. (2025). AI Ethics: Integrating Transparency, Fairness, and Privacy in AI Development. Appl. Artif. Intell., 39.","DOI":"10.1080\/08839514.2025.2463722"},{"key":"ref_72","unstructured":"Goodfellow, I.J., Shlens, J., and Szegedy, C. (2014). Explaining and harnessing adversarial examples. arXiv."},{"key":"ref_73","first-page":"155","article-title":"LLM-driven Adversarial Defense: Real-Time Detection and Mitigation of Adversarial Attacks","volume":"9","author":"Johnson","year":"2023","journal-title":"J. AI Secur. Res."},{"key":"ref_74","doi-asserted-by":"crossref","unstructured":"Kurnia, R., Widyatama, F., Wibawa, I.M., Brata, Z.A., Nelistiani, G.A., and Kim, H. (2025). Enhancing Security Operations Center: Wazuh Security Event Response with Retrieval-Augmented-Generation-Driven Copilot. Sensors, 25.","DOI":"10.3390\/s25030870"},{"key":"ref_75","doi-asserted-by":"crossref","first-page":"97","DOI":"10.2478\/remav-2021-0016","article-title":"Risk Management in Business Valuation in the Context of Digital Transformation","volume":"29","author":"Pupentsova","year":"2021","journal-title":"Real Estate Manag. Valuat."},{"key":"ref_76","doi-asserted-by":"crossref","unstructured":"Metin, B., Duran, S., Telli, E., Mutlut\u00fcrk, M., and Wynn, M. (2024). IT Risk Management: Towards a System for Enhancing Objectivity in Asset Valuation that Engenders a Security Culture. Information, 15.","DOI":"10.3390\/info15010055"},{"key":"ref_77","unstructured":"DeepSeek AI (2025, February 12). DeepSeek-R1-Distill-Llama-70B. Hugging Face. Available online: https:\/\/huggingface.co\/deepseek-ai\/DeepSeek-R1-Distill-Llama-70B."},{"key":"ref_78","unstructured":"Meta AI (2025, February 12). Llama-3.3-70B-Instruct. Hugging Face. Available online: https:\/\/huggingface.co\/meta-llama\/Meta-Llama-3-70B-Instruct."},{"key":"ref_79","unstructured":"Documentation, G. (2025, February 12). DeepSeek-R1-Distill-Llama-70B. Groq Console Docs. Available online: https:\/\/console.groq.com\/docs\/model\/deepseek-r1-distill-llama-70b."},{"key":"ref_80","unstructured":"Wazuh (2025, February 25). Wazuh: The Open Source Security Platform. Wazuh Official Website. Available online: https:\/\/wazuh.com\/."},{"key":"ref_81","unstructured":"Wazuh (2025, February 21). Detect Brute-Force Attack. Wazuh Documentation. Available online: https:\/\/documentation.wazuh.com\/current\/proof-of-concept-guide\/detect-brute-force-attack.html."},{"key":"ref_82","unstructured":"Networks, P.A. (2025, February 24). Brute Force Investigation\u2014Generic. Cortex XSOAR Documentation. Available online: https:\/\/xsoar.pan.dev\/docs\/reference\/playbooks\/brute-force-investigation---generic."},{"key":"ref_83","unstructured":"Freitas, S., Kalajdjieski, J., Gharib, A., and McCann, R. (2024). AI-Driven Guided Response for Security Operation Centers with Microsoft Copilot for Security. arXiv."}],"container-title":["Information"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2078-2489\/16\/5\/365\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,9]],"date-time":"2025-10-09T17:24:26Z","timestamp":1760030666000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2078-2489\/16\/5\/365"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,4,29]]},"references-count":83,"journal-issue":{"issue":"5","published-online":{"date-parts":[[2025,5]]}},"alternative-id":["info16050365"],"URL":"https:\/\/doi.org\/10.3390\/info16050365","relation":{},"ISSN":["2078-2489"],"issn-type":[{"value":"2078-2489","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,4,29]]}}}