March 8, 2025
Artificial intelligence is reshaping the cybersecurity landscape, and one of the most promising developments is the use of generative AI models to assist security analysts. In my latest research, titled Using Generative AI Models to Support Cybersecurity Analysts, we explored how large language models (LLMs) can be integrated into cybersecurity workflows to enhance threat detection, vulnerability assessment, and log analysis.
Cybersecurity analysts deal with an overwhelming amount of data—from event logs and security settings to vulnerability reports and malware analysis. While traditional tools help collect and process this data, human analysts still spend hours manually identifying threats and assessing risks.
Generative AI can change this by:
Our study focused on two real-world applications where LLMs can assist cybersecurity experts:
We developed a system that combines LLMs with security tools like MobSF (Mobile Security Framework) and Semgrep to analyze Android applications for vulnerabilities. Instead of relying solely on static analysis tools, we leveraged AI-driven contextual analysis to:
💡 Key finding: LLMs improved the speed and accuracy of vulnerability detection, but they also introduced false positives, requiring human verification.
We tested how LLMs could assist in analyzing network security logs from tools like Suricata (IDS/IPS) and Sysmon (Windows monitoring tool). Our approach aimed to correlate security alerts with real threats, filtering out false positives and mapping incidents to the MITRE ATT&CK framework.
💡 Key finding: AI-assisted analysis significantly reduced the time required to identify and classify threats, but models struggled with highly obfuscated or complex attacks.
While our research demonstrated great potential, using LLMs in cybersecurity isn’t without risks:
Despite these challenges, AI-assisted cybersecurity is rapidly evolving. Future advancements in fine-tuned LLMs, custom security AI models, and real-time adaptive learning could revolutionize how we detect, analyze, and respond to threats.
If you’re interested in the full details of our research, you can find the paper here:
Research Paper URLAs AI becomes a critical tool for cybersecurity professionals, the balance between automation and human expertise will be key to ensuring both efficiency and accuracy in defending against cyber threats.
🔐 Stay secure, stay informed, and embrace AI in cybersecurity!