Lyrie
Streams
CVE Deep DivesActive ExploitationResearchBreachesLyrie OriginalsAI Threats
SearchMethodology
Get Lyrie →
Research
3 sources verified·1 min read
By Lyrie Threat Intelligence·5/12/2026

AI-Driven Security Alert Screening and Alert Fatigue Mitigation in Security Operations Centers: A Comprehensive Survey

Source: arXiv cs.CR

Published: Tue, 12 May 2026 00:00:00 -0400

Summary

arXiv:2605.08316v1 Announce Type: new

Abstract: Security alert screening is the downstream task of filtering, prioritizing, correlating, and contextualizing alerts for analyst attention in Security Operations Centers. This survey reviews artificial-intelligence-driven alert screening and alert-fatigue mitigation from 2015 to 2026. We synthesize 119 records, including 87 core studies, into a four-stage workflow taxonomy covering filtering, triage, correlation, and generative augmentation. We find persistent gaps in deployment realism, adversarial robustness, cross-environment validation, and evaluation practice. The survey concludes with a research agenda toward trustworthy Cognitive Security Operations Centers.

Sources

Lyrie Verdict

Lyrie's autonomous defense layer flags this class of exposure the moment it surfaces — no signature update required.

#arxiv-cs-cr#research

Validated sources

  1. [1]arXiv cs.CR
  2. [2]arXiv cs.CR feed
  3. [3]Lyrie research desk

Related Articles

research
arXiv cs.CR: Binge, Bot, Repeat: Unpacking the Ecosystem of Video Piracy on Telegram
1 min read · 3 sources
research
arXiv cs.CR: Deterministic Fully-Static Whole-Binary Translation without Heuristics
1 min read · 3 sources
research
arXiv cs.CR: Kettle: Attested builds for verifiable software provenance
1 min read · 3 sources