Security Operations Center (SOC) analysts encounter significant delays due to "Swivel Chair Analysis," a manual and fragmented process for triaging Indicators of Compromise (IoCs). This study addresses this inefficiency by developing "CyberGuardianBot," an automated ChatOps assistant built using the Rapid Application Development (RAD) methodology and the Telegram Bot API. Applying Security Orchestration, Automation, and Response (SOAR) principles, the system asynchronously orchestrates multi-source intelligence from VirusTotal, AbuseIPDB, URLScan.io, AlienVault OTX, and MobSF. A key novelty is the integration of Google Gemini to perform cognitive synthesis, translating raw API data into actionable insights. Black-box testing validated the system across 15 test cases, confirming the successful automation of URL, IP, and file triage. The bot generates natural language executive summaries and structured reports (.txt and .pdf), significantly enhancing the speed and accuracy of the triage process while reducing the cognitive load on analysts.
Copyrights © 2025