homepage
Menu
Open menu

Trust But Verify: Evaluating the Accuracy of LLMs in Normalizing Threat Data Feeds

This paper examines whether Large Language Models (LLMs) can be reliably applied to the normalization of Indicators of Compromise (IOCs) into Structured Threat Information Expression (STIX) format.
By
Nicholas Peterson
July 16, 2025
Download

All papers are copyrighted. No re-posting of papers is permitted

470x382_Generic_Whitepaper.jpg

Related Content

Blog
340x340.png
Artificial Intelligence (AI)
A Visual Summary of SANS AI Cybersecurity Summit 2025
Check out these graphic recordings created in real-time throughout the event for SANS AI Cybersecurity Summit 2025
No Headshot Available
Alison Kim
read more
Blog
SANS - Blog - Securing AI in 2025- A Risk-Based Approach to AI Controls and Governance_340 x 340(1).jpg
Artificial Intelligence (AI)
Securing AI in 2025: A Risk-Based Approach to AI Controls and Governance
The SANS Draft Critical AI Security Guidelines v1.1 outlines how enterprises can implement AI securely and effectively using a risk-based approach.
370x370_Rob-Lee.jpg
Rob Lee
read more
Blog
Security Awareness, Artificial Intelligence (AI), Digital Forensics, Incident Response & Threat Hunting, Cloud Security, Cyber Defense, Offensive Operations, Pen Testing, and Red Teaming, Industrial Control Systems Security, Open-Source Intelligence (OSINT)
Top SANS Summit Talks of 2024
This year, SANS hosted 13 Summits from OSINT, ICS, Ransomware, DFIR to HackFest. Here were the top-rated talks of the year.
No Headshot Available
Alison Kim
read more