English

Practically implementing an LLM-supported collaborative vulnerability remediation process: a team-based approach

Cryptography and Security 2024-09-24 v1

Abstract

Incorporating LLM into cybersecurity operations, a typical real-world high-stakes task, is critical but non-trivial in practice. Using cybersecurity as the study context, we conduct a three-step mix-method study to incorporate LLM into the vulnerability remediation process effectively. Specifically, we deconstruct the deficiencies in user satisfaction within the existing process (Study 1). This inspires us to design, implement, and empirically validate an LLM-supported collaborative vulnerability remediation process through a field study (Study 2). Given LLM's diverse contributions, we further investigate LLM's double-edge roles through the analysis of remediation reports and follow-up interviews (Study 3). In essence, our contribution lies in promoting an efficient LLM-supported collaborative vulnerability remediation process. These first-hand, real-world pieces of evidence suggest that when incorporating LLMs into practical processes, facilitating the collaborations among all associated stakeholders, reshaping LLMs' roles according to task complexity, as well as approaching the short-term side effects of improved user engagement facilitated by LLMs with a rational mindset.

Keywords

Cite

@article{arxiv.2409.14058,
  title  = {Practically implementing an LLM-supported collaborative vulnerability remediation process: a team-based approach},
  author = {Xiaoqing Wang and Yuanjing Tian and Keman Huang and Bin Liang},
  journal= {arXiv preprint arXiv:2409.14058},
  year   = {2024}
}

Comments

accepted by Computers & Security

R2 v1 2026-06-28T18:52:14.708Z