Automating Security Audit Using Large Language Model based Agent: An Exploration Experiment
This addresses the problem of time-consuming and costly manual security audits for businesses, though it is incremental as it applies existing LLM methods to a specific domain task.
The paper tackled automating security audits by developing a framework using a Large Language Model (LLM) agent to execute password policy compliance checks on Windows systems, resulting in accurate flagging of violations and improved efficiency compared to manual audits.
In the current rapidly changing digital environment, businesses are under constant stress to ensure that their systems are secured. Security audits help to maintain a strong security posture by ensuring that policies are in place, controls are implemented, gaps are identified for cybersecurity risks mitigation. However, audits are usually manual, requiring much time and costs. This paper looks at the possibility of developing a framework to leverage Large Language Models (LLMs) as an autonomous agent to execute part of the security audit, namely with the field audit. password policy compliance for Windows operating system. Through the conduct of an exploration experiment of using GPT-4 with Langchain, the agent executed the audit tasks by accurately flagging password policy violations and appeared to be more efficient than traditional manual audits. Despite its potential limitations in operational consistency in complex and dynamic environment, the framework suggests possibilities to extend further to real-time threat monitoring and compliance checks.