Page 29 - tech fest 2025 Ashdod Book of Abstracts
Incident Response Chatbot for Cybersecurity Threats
CS-C-07
Gal Shmuel; gallishmuel@gmail.com
Rachel Yeholashet; rachelyeholashett@gmail.com
Advisors: Mr. Yossi Atias (1), Prof. Shlomo Greenberg (2)
(1) CyberSecurity Entrepreneur
(2) SCE - Shamoon College of Engineering, Ashdod
Cybersecurity analysts face challenges in handling security incidents due to the growing complexity of threat detection and response. This project developed a chatbot, built on open-source large language models (LLMs), that assists analysts. The AI agent is integrated with Wazuh, an open-source security information and event management (SIEM) platform, to analyze alerts, retrieve playbooks, and recommend mitigation strategies. By automating threat classification and response guidance, the system enhances security operations, reduces incident resolution time, optimizes analysts' workflow, and improves cybersecurity efficiency by bridging the gap between security automation and human expertise.
Keywords: chatbot, cybersecurity, incident response, SIEM, Wazuh
Cybersecurity News Summarizer
CS-C-08
Bar Sonego; barsonego1471@walla.com
Ron Benjamin; ronb0401@walla.com
Advisors: Mr. Yossi Atias (1), Prof. Shlomo Greenberg (2)
(1) CyberSecurity Entrepreneur
(2) SCE - Shamoon College of Engineering, Ashdod
In an era where the volume of cybersecurity-related information grows rapidly each day, professionals often struggle to stay updated on relevant threats and developments. This project developed an automated system that streamlines the monitoring of cybersecurity news by intelligently summarizing articles from diverse sources. The system leverages Large Language Models (LLMs), AI agents, and advanced natural language processing (NLP) techniques to collect, filter, classify, and summarize content in a concise and relevant manner. These technologies enable the system to provide professionals with accurate, real-time insights tailored to their needs. By addressing the problem of information overload, the tool enhances situational awareness and supports faster, more informed decision-making in the cybersecurity domain.
Keywords: AI agents, automation, cybersecurity, information overload, large language models, news summarization, NLP