Vol.28, No.2, 2021, pp.527-545, doi:10.32604/iasc.2021.016240
AI/ML in Security Orchestration, Automation and Response: Future Research Directions
  • Johnson Kinyua1, Lawrence Awuah2,*
1 College of Information Sciences and Technology, Pennsylvania State University, State College, PA 16801, USA
2 Department of Cybersecurity, University of Maryland Global Campus, Adelphi, MD 20783, USA
* Corresponding Author: Lawrence Awuah. Email:
(This article belongs to this Special Issue: Humans and Cyber Security Behaviour)
Received 28 December 2020; Accepted 28 January 2021; Issue published 01 April 2021
Today’s cyber defense capabilities in many organizations consist of a diversity of tools, products, and solutions, which are very challenging for Security Operations Centre (SOC) teams to manage in current advanced and dynamic cyber threat environments. Security researchers and industry practitioners have proposed security orchestration, automation, and response (SOAR) solutions designed to integrate and automate the disparate security tasks, processes, and applications in response to security incidents to empower SOC teams. The next big step for cyber threat detection, mitigation, and prevention efforts is to leverage AI/ML in SOAR solutions. AI/ML will act as a force multiplier empowering SOC analysts even further. We conducted a detailed survey by studying work by both security researchers and industry practitioners on SOAR, including its interpretations, from an AI/ML perspective by reviewing works published in academic journals, conferences, websites, blogs, white papers, etc. (a multi-vocal view). We report on our findings and future research directions in this area.
Security management; security orchestration and automation; machine learning; SOAR; security orchestration; security automation; deep learning; deep reinforcement learning; incident response
Cite This Article
J. Kinyua and L. Awuah, "Ai/ml in security orchestration, automation and response: future research directions," Intelligent Automation & Soft Computing, vol. 28, no.2, pp. 527–545, 2021.
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.