IEEE Access (Jan 2025)

LLM Agentic Workflow for Automated Vulnerability Detection and Remediation in Infrastructure-as-Code

  • Dheer Toprani,
  • Vijay K. Madisetti

DOI
https://doi.org/10.1109/ACCESS.2025.3560911
Journal volume & issue
Vol. 13
pp. 69175 – 69181

Abstract

This paper presents a multi-agent, AI-driven strategy employing Large Language Models (LLMs), retrieval-augmented generation, and a continuously updated knowledge base for the detection and remediation of security vulnerabilities in cloud frameworks. By examining Infrastructure as Code (IaC) templates alongside pertinent best-practice snippets, the system discerns context-specific misconfigurations commonly overlooked by static tools, achieving a detection rate of 85% with some occurrences of false positives. Automated remediation guidance, anchored in current security standards, provides actionable solutions that seamlessly integrate into standard continuous integration/continuous development (CI/CD) workflows. Experimental results indicate the solution’s efficacy and scalability, heralding a proactive, context-aware approach to IaC security.

Keywords