IEEE

MITRE Tactics Inference from Splunk Queries

Abstract: In cybersecurity, understanding an attacker’s tactics and techniques gives the defender an edge. MITRE ATT&CK provides a framework that describes 14 tactics commonly used by attackers in the ...
IEEE

SynRAG: A Large Language Model Framework for Executable Query Generation in Heterogeneous SIEM Systems

Abstract: Security Information and Event Management (SIEM) systems are essential for large enterprises to monitor their IT infrastructure by ingesting and analyzing millions of logs and events daily.