Building Scalable Detection-as-Code Pipelines with Agentic Validation and Refinement

The proposed DaC pipeline uses large language models (LLMs) for logic conversion, variant analysis, and simulation testing via Atomic Red Team, with queries executed against Splunk to measure true positives and false negatives.

By

Benjamin Opel

November 6, 2025

All papers are copyrighted. No re-posting of papers is permitted

Related Content

Cyber Defense Essentials

October 6, 2021

Can We Move Past Blocklists to Automated Takedowns?

Penetration Testing and Ethical Hacking

October 6, 2021

Striking from the Shadows: Applying and Analyzing Mitigation Techniques to Bypass Antivirus Payload Detection

September 16, 2021

Cloud Multi-Account Policy Enforcement