AI RESEARCH

Policy-Guided Threat Hunting: An LLM enabled Framework with Splunk SOC Triage

arXiv CS.AI

arXiv:2603.23966v1 Announce Type: cross With frequently evolving Advanced Persistent Threats (APTs) in cyberspace, traditional security approaches have become inadequate for threat hunting in organizations. Moreover, SOC (Security Operations Center) analysts are often overwhelmed and struggle to analyze the huge volume of logs received from the diverse devices in their organizations.