Augmenting cyber threat alerts on the ACES platform with ACES's specific information.
Description
The current Cyberthreat alerts on the ACES platform are difficult to understand and we often see false positives relative to new use cases.
Detailed example
The AI system will output the cyberthreat alert along with information on the context of the threat in the SEC environment. It will summarize the information and provide suggested guidance in a more readable format.
AI / analytics pattern
Generative AI: AI that generates new or synthetic content (e.g., images, videos, audio, text, code).
Automation level / stage
b) Pilot – The use case has been deployed in a limited test or pilot capacity.
Expected benefit
The current Cyberthreat alerts on the ACES platform are difficult to understand and we often see false positives relative to new use cases. We would like to run the alerts through a RAG-enabled AI model to: • Add SEC specific guidance and context to the emails based on a curated knowledge base. • Provide more guidance on how to respond to the alert. • Make the notification email easier to read and understand.
Controls / human review
ATO: Yes; PIA: Not published
Data needed
The ACES team will develop a knowledge base using existing documentation on the workings of the ACES environment in the SEC in order to provide the RAG implementation.