Bringing Automation in Security Operations Center (ASOC)

A partnership project in collaboration with the Cyber-Defence Campus and Armasuisse to automate Security Operation Centers.

The project at a glance

Start date:

01 Sep 2022
Duration in months:

55
Funding:

Luxembourg Armed Forces (LAF) / FNR – Luxembourg
Principal Investigator(s):

Jacques KLEIN

About

The ‘Bringing Automation to Security Operations Centers’ project is an innovative research initiative aimed at transforming the operational dynamics of SOCs through the integration of automation technologies. Led by a team of cybersecurity, network security, and artificial intelligence experts and researchers, this project focuses on enhancing the overall efficiency and effectiveness of SOCs by incorporating cutting-edge artificial intelligence (AI) technologies. Our research systematically evaluates the existing frameworks and tools of SOCs, pinpointing opportunities for automation that could lead to significant improvements in speed and accuracy. Another key aspect of our research is the focus on the explainability of AI-driven tools. This ensures that the automated systems are not only effective but also transparent, making it easier for SOC personnel to understand and trust the automated decisions. Explainability is critical in maintaining control over automated processes and in ensuring that decisions can be reviewed and audited, which is essential for compliance and security standards. As SOCs remain central to the cybersecurity defense mechanism, our project is set to significantly influence how these centers operate. The emphasis on automation, coupled with a commitment to explainability, positions the project to redefine SOC workflows, promoting a more proactive, efficient, and transparent approach to cybersecurity.