Oracle Triple-T: Enhancing NOC and SOC Operations with RAG and Fine-Tuned Language Models

Spring 2024

In the rapidly evolving landscape of cyber security, the ability to swiftly generate comprehensive and accurate security reports is paramount for NOC and SOC operators. This session showcases an advanced approach that leverages Retrieval-Augmented Generation (RAG) and fine-tuned Large Language Models (LLMs), such as Cohere and Llama2, to automate the creation of detailed security reports. By incorporating account telemetry and network traffic logs as RAG retrieval sources, this method enhances the report’s contextuality and relevance, ensuring precise and insightful incident narratives and breach analyses.

A focal point of the presentation is the innovative integration of events from OCI Cloud Guard, a key component in identifying and correlating security threats within the Oracle Cloud Infrastructure (OCI). This integration enriches the reports with specific cloud-based security insights and leverages OCI’s advanced threat detection capabilities to provide a more granular understanding of the security posture.

The session includes a detailed walkthrough of how the combined use of RAG, fine-tuned LLMs, and Oracle Database 24c’s vector search can automate the assimilation of vast amounts of data, transforming them into coherent, actionable security reports. Attendees gain insights into the practical application of these technologies in real-world security scenarios, illustrating how they can significantly reduce the time and effort required to produce security reports while simultaneously increasing their accuracy and depth of analysis.

This holistic approach streamlines the reporting process and enhances the overall security response by providing timely, data-driven insights into security incidents and breaches. The presentation aims to empower security professionals with the knowledge and tools necessary to leverage these cutting-edge technologies, ultimately strengthening their organization’s security posture and incident response capabilities.


Dr. Sanjay Basu has been working in technology for more than 30 years and currently leads the Generative AI and GPU Cloud Engineering teams at Oracle Cloud. Sanjay holds a Doctorate in organizational behavior and a double master’s in management and computer engineering, and he is working on his second PhD in Artificial Intelligence. He is a Life Member of ACM, AAAI, and IEEE and a Fellow of IETE. He is a prolific writer, the author of 4 technical books, and holds 6 US patents.

