Paper Detail

AgentSOC: A Multi-Layer Agentic AI Framework for Security Operations Automation

Joyjit Roy, Samaresh Kumar Singh

Browse

Workflow Queues

arxiv Score 15.3

Published 2026-04-22 · First seen 2026-04-23

General AI

Open paper source

Abstract

Security Operations Centers (SOCs) increasingly encounter difficulties in correlating heterogeneous alerts, interpreting multi-stage attack progressions, and selecting safe and effective response actions. This study introduces AgentSOC, a multi-layered agentic AI framework that enhances SOC automation by integrating perception, anticipatory reasoning, and risk-based action planning. The proposed architecture consolidates several layers of abstraction to provide a single operational loop to support normalizing alerts, enriching context, generating hypotheses, validating structural feasibility, and executing policy-compliant responses. Conceptually evaluated within a large enterprise environment, AgentSOC improves triage consistency, anticipates attackers' intentions, and provides recommended containment options that are both operationally feasible and well-balanced between security efficacy and operational impact. The results suggest that hybrid agentic reasoning has the potential to serve as a foundation for developing adaptive, safer SOC automation in large enterprises. Additionally, a minimal Proof-Of-Concept (POC) demonstration using LANL authentication data demonstrated the feasibility of the proposed architecture.

Workflow Status

Review status
pending
Role
unreviewed
Read priority
now
Vote
Not set.
Saved
no
Collections
Not filed yet.
Next action
Not filled yet.

Reading Brief

No structured notes yet. Add `summary_sections`, `why_relevant`, `claim_impact`, or `next_action` in `papers.jsonl` to enrich this view.

Why It Surfaced

No ranking explanation is available yet.

Tags

No tags.

Similar Papers

Agentic Microphysics: A Manifesto for Generative AI Safety 2026-04-16 · Score 14.3 General AI AVISE: Framework for Evaluating the Security of AI Systems 2026-04-22 · Score 4.3 General AI MARD: A Multi-Agent Framework for Robust Android Malware Detection 2026-04-28 · Score 14.8 Research Track A · General AI Tree Learning: A Multi-Skill Continual Learning Framework for Humanoid Robots 2026-04-14 · Score 16.0 Research Track A · General AI AccelOpt: A Self-Improving LLM Agentic System for AI Accelerator Kernel Optimization 2026-04-15 · Score 17.5 General AI

BibTeX

@article{roy2026agentsoc,
  title = {AgentSOC: A Multi-Layer Agentic AI Framework for Security Operations Automation},
  author = {Joyjit Roy and Samaresh Kumar Singh},
  year = {2026},
  abstract = {Security Operations Centers (SOCs) increasingly encounter difficulties in correlating heterogeneous alerts, interpreting multi-stage attack progressions, and selecting safe and effective response actions. This study introduces AgentSOC, a multi-layered agentic AI framework that enhances SOC automation by integrating perception, anticipatory reasoning, and risk-based action planning. The proposed architecture consolidates several layers of abstraction to provide a single operational loop to suppo},
  url = {https://arxiv.org/abs/2604.20134},
  keywords = {cs.CR, cs.AI, cs.CL},
  eprint = {2604.20134},
  archiveprefix = {arXiv},
}

Metadata

{}