The volume of alerts produced by SIEM systems causes SOC analysts to experience alert fatigue: more than fifty percent of notifications are ultimately judged to be false positives, and actual security incidents are obscured among them. This inefficiency delays response times and puts organisations at risk through insufficient allocation of analyst resources. This paper therefore introduces a new framework that incorporates LLMs into SOC alert triage. Drawing on the contextual understanding of LLMs, the framework classifies alerts as false positives or actual threats with 95.5% accuracy. The study's results thus validate reduced alert fatigue, improved system functioning, and shorter time to critical security events under the proposed methodology. Accordingly, this paper presents the proposed system's description, development, and evaluation to assess its potential for future SOC operations.
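The abstract reports a classification accuracy for LLM-based triage of SIEM alerts into false positives and actual threats. The following Python harness is an added example, not the paper's code or data: it shows how such a classifier is fed alert context and, more importantly, how it should be scored before being trusted. The alert field names, the `heuristic_classifier` that stands in for the LLM call so the code runs offline, and the sample alerts with analyst verdicts are all constructed assumptions. Because more than half of real alerts are false positives, a classifier that suppresses everything already scores above fifty percent accuracy, so the harness also reports the share of confirmed threats the classifier would hide, which is the failure mode that matters to defenders.

```python
"""Evaluation harness for LLM-assisted SIEM alert triage (constructed example)."""
from dataclasses import dataclass
from typing import Callable, Dict, List

FALSE_POSITIVE = "false_positive"
TRUE_THREAT = "true_threat"


@dataclass
class Alert:
    alert_id: str
    rule: str
    source_ip: str
    user: str
    context: Dict[str, str]   # enrichment the triage model sees (assumed field names)
    analyst_verdict: str      # ground truth recorded by a human analyst


def build_triage_prompt(alert: Alert) -> str:
    """Render the alert plus its enrichment context as the text an LLM would be asked to classify."""
    lines = [
        f"Alert {alert.alert_id}: {alert.rule}",
        f"Source IP: {alert.source_ip}",
        f"User: {alert.user}",
    ]
    lines += [f"{key}: {value}" for key, value in sorted(alert.context.items())]
    lines.append("Classify this alert as FALSE_POSITIVE or TRUE_THREAT and justify briefly.")
    return "\n".join(lines)


def heuristic_classifier(alert: Alert) -> str:
    """Offline stand-in for the LLM call (assumption): a few context rules so the harness runs
    without a model. Replace with a function that sends build_triage_prompt(alert) to a model
    and parses the returned verdict."""
    ctx = alert.context
    if ctx.get("known_scanner") == "yes":
        return FALSE_POSITIVE          # authorised vulnerability or asset scanner
    if ctx.get("change_ticket", "none") != "none":
        return FALSE_POSITIVE          # activity covered by an approved change
    if ctx.get("asset_criticality") == "high":
        return TRUE_THREAT
    return FALSE_POSITIVE


def always_false_positive(alert: Alert) -> str:
    """Baseline that suppresses every alert; shows why accuracy alone is misleading."""
    return FALSE_POSITIVE


def evaluate(alerts: List[Alert], classifier: Callable[[Alert], str]) -> Dict[str, float]:
    """Score a classifier against analyst verdicts. Positive class is TRUE_THREAT, so a false
    negative is a real incident the triage layer would have hidden from analysts."""
    tp = fp = tn = fn = 0
    for alert in alerts:
        predicted, actual = classifier(alert), alert.analyst_verdict
        if predicted == TRUE_THREAT and actual == TRUE_THREAT:
            tp += 1
        elif predicted == TRUE_THREAT and actual == FALSE_POSITIVE:
            fp += 1
        elif predicted == FALSE_POSITIVE and actual == FALSE_POSITIVE:
            tn += 1
        else:
            fn += 1
    total = tp + fp + tn + fn
    return {
        "accuracy": (tp + tn) / total,
        "precision": tp / (tp + fp) if tp + fp else 0.0,
        "recall": tp / (tp + fn) if tp + fn else 0.0,
        # share of analyst-confirmed noise the classifier suppresses (the fatigue reduction)
        "fp_suppression": tn / (tn + fp) if tn + fp else 0.0,
        # share of confirmed threats the classifier would hide (the dangerous failure mode)
        "missed_threats": fn / (tp + fn) if tp + fn else 0.0,
    }


def _alert(aid, rule, ip, user, scanner, ticket, criticality, verdict) -> Alert:
    return Alert(aid, rule, ip, user,
                 {"known_scanner": scanner, "change_ticket": ticket, "asset_criticality": criticality},
                 verdict)


# Constructed sample alerts with analyst labels; not real data.
SAMPLE_ALERTS = [
    _alert("A1", "Port scan detected", "10.0.0.5", "svc-scanner", "yes", "none", "low", FALSE_POSITIVE),
    _alert("A2", "Multiple failed logins", "203.0.113.7", "jdoe", "no", "none", "high", TRUE_THREAT),
    _alert("A3", "Privilege escalation", "10.0.0.12", "admin-ops", "no", "CHG-0001 (constructed)", "high", FALSE_POSITIVE),
    _alert("A4", "New admin account created", "10.0.0.40", "unknown", "no", "none", "high", TRUE_THREAT),
    _alert("A5", "Periodic outbound beaconing", "10.0.0.77", "kiosk01", "no", "none", "low", TRUE_THREAT),
    _alert("A6", "Port scan detected", "10.0.0.9", "monitor01", "no", "none", "high", FALSE_POSITIVE),
    _alert("A7", "Single failed login", "10.0.0.21", "asmith", "no", "none", "low", FALSE_POSITIVE),
    _alert("A8", "Vulnerability scan", "10.0.0.6", "svc-scanner", "yes", "none", "high", FALSE_POSITIVE),
]

if __name__ == "__main__":
    print(build_triage_prompt(SAMPLE_ALERTS[1]))
    print("heuristic:", evaluate(SAMPLE_ALERTS, heuristic_classifier))
    print("suppress-all baseline:", evaluate(SAMPLE_ALERTS, always_false_positive))
```

On the constructed set the heuristic reaches 0.75 accuracy while hiding one of three confirmed threats (A5, the low-criticality beaconing host), and the suppress-all baseline still scores 0.625 accuracy while hiding all of them. Any reported accuracy figure for alert triage should therefore be read together with the missed-threat rate on a labelled set of the organisation's own alerts.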
Copyright © 2025