Araştırma Makalesi

Open-Source Automation in Cyber Incident Response Processes: A Low-Code-Based Continuous Detection, Verification, and Response Architecture

Cilt: 19 Sayı: 1 29 Haziran 2026
PDF İndir
TR EN

Open-Source Automation in Cyber Incident Response Processes: A Low-Code-Based Continuous Detection, Verification, and Response Architecture

Öz

Cyber threats are becoming increasingly complex; organizations face difficulties in implementing security policies due to staffing shortages and financial constraints. Manual approaches lead to high "wait times" and false alarms, exposing organizations to risks from cyberattacks. This study proposes a cost-effective, open-source, and lowcode Security Orchestration, Automation, and Response framework for public and private organizations. The proposed system incorporates Wazuh, n8n, OpenVAS, and GLPI solutions and is implemented using a Docker microservice-based architecture operating according to a "zero-touch" approach. The presented solution will help Türkiye develop its national cybersecurity infrastructure at the micro level by minimizing the need for highly skilled personnel. 

Anahtar Kelimeler

Kaynakça

  1. Aksu, M. U., Altuncu, E., & Bicakci, K. (2019, February). A first look at the usability of openvas vulnerability scanner. In Workshop on usable security (USEC) (pp. 1-7). https://doi.org/10.14722/usec.2019.23026 Al Mansoori, F. (2023). Layered Deep Neural Systems for Dynamic Multi-Agent Interaction, Adaptive Workflow Optimization, and Autonomous Decision Execution in n8n. ThinkTide Global Research Journal, 4(4), 30-38. https://thinktidejournal.com/index.php/TGRJ/article/view/42
  2. Al Siam, A., Hassan, M. M., Masum, A. K. M., & Bhuiyan, T. (2025, October). Automating Malware Detection and Response via Real-Time Threat Feed Integration with Wazuh SIEM. 2nd International Conference on Computing, Applications and Systems (COMPAS) (pp. 1-6). IEEE. https://doi.org/10.1109/COMPAS67506.2025.11381876 Alabdulhadi, S., & Al-Matouq, A. (2024). Efficient and standardized alarm rationalization for cybersecurity monitoring. IEEE Access, 12, 166936-166944. https://doi.org/10.1109/ACCESS.2024.3492264
  3. Ayittey, G. (2025). A security operations and analytics framework: Continuous detection and response [Doctoral dissertation, University of East London]. https://doi.org/10.15123/uel.8z91z
  4. Bakraouy, Z., Abbass, W., Baïna, A., & Bellafkih, M. The IT Infrastructure's Industrialization and Mastering. J. Commun., 14(10), 884-891. https://doi.org/10.12720/jcm.14.10.884-891
  5. Bcicen, B., (2022, March 22). ctop: Top-like interface for container metrics. GitHub. Accessed: 11 April 2026. https://github.com/bcicen/ctop
  6. Boyle, E., & Adebayo, Y. (2020). Designing intelligent security orchestration, automation, and response (SOAR) systems with AI. Revista Cintex, 25(2), 14-27.
  7. Casaclang, H., Ionescu, B., Kim, Y., & Jo, J. Y. (2026, March). Self-Hosted Workflow Automation for AI-Based Cybersecurity Operation. Journal of The Colloquium for Information Systems Security Education 13(1), 21-21. https://doi.org/10.53735/cisse.v13i1.241
  8. Chavan, N., Patel, H., & Shah, K. (2025, April). Comprehensive Approach to Android Penetration Testing: Techniques, Tools and Best Practices for Securing Mobile Applications. 12th International Conference on Computing for Sustainable Global Development (INDIACom) (pp. 01-07). IEEE. http://doi.org/10.23919/INDIACom66777.2025.11115701

Ayrıntılar

Birincil Dil

İngilizce

Konular

Bilgi Sistemleri (Diğer), Otonom Ajanlar ve Çok Yönlü Sistemler

Bölüm

Araştırma Makalesi

Yayımlanma Tarihi

29 Haziran 2026

Gönderilme Tarihi

29 Mart 2026

Kabul Tarihi

22 Haziran 2026

Yayımlandığı Sayı

Yıl 2026 Cilt: 19 Sayı: 1

Kaynak Göster

APA
Parmaksız, H., & Turhan, Ö. (2026). Open-Source Automation in Cyber Incident Response Processes: A Low-Code-Based Continuous Detection, Verification, and Response Architecture. Beykent Üniversitesi Fen ve Mühendislik Bilimleri Dergisi, 19(1), 32-54. https://doi.org/10.20854/bujse.1918683
AMA
1.Parmaksız H, Turhan Ö. Open-Source Automation in Cyber Incident Response Processes: A Low-Code-Based Continuous Detection, Verification, and Response Architecture. BUJSE. 2026;19(1):32-54. doi:10.20854/bujse.1918683
Chicago
Parmaksız, Hüseyin, ve Ömer Turhan. 2026. “Open-Source Automation in Cyber Incident Response Processes: A Low-Code-Based Continuous Detection, Verification, and Response Architecture”. Beykent Üniversitesi Fen ve Mühendislik Bilimleri Dergisi 19 (1): 32-54. https://doi.org/10.20854/bujse.1918683.
EndNote
Parmaksız H, Turhan Ö (01 Haziran 2026) Open-Source Automation in Cyber Incident Response Processes: A Low-Code-Based Continuous Detection, Verification, and Response Architecture. Beykent Üniversitesi Fen ve Mühendislik Bilimleri Dergisi 19 1 32–54.
IEEE
[1]H. Parmaksız ve Ö. Turhan, “Open-Source Automation in Cyber Incident Response Processes: A Low-Code-Based Continuous Detection, Verification, and Response Architecture”, BUJSE, c. 19, sy 1, ss. 32–54, Haz. 2026, doi: 10.20854/bujse.1918683.
ISNAD
Parmaksız, Hüseyin - Turhan, Ömer. “Open-Source Automation in Cyber Incident Response Processes: A Low-Code-Based Continuous Detection, Verification, and Response Architecture”. Beykent Üniversitesi Fen ve Mühendislik Bilimleri Dergisi 19/1 (01 Haziran 2026): 32-54. https://doi.org/10.20854/bujse.1918683.
JAMA
1.Parmaksız H, Turhan Ö. Open-Source Automation in Cyber Incident Response Processes: A Low-Code-Based Continuous Detection, Verification, and Response Architecture. BUJSE. 2026;19:32–54.
MLA
Parmaksız, Hüseyin, ve Ömer Turhan. “Open-Source Automation in Cyber Incident Response Processes: A Low-Code-Based Continuous Detection, Verification, and Response Architecture”. Beykent Üniversitesi Fen ve Mühendislik Bilimleri Dergisi, c. 19, sy 1, Haziran 2026, ss. 32-54, doi:10.20854/bujse.1918683.
Vancouver
1.Hüseyin Parmaksız, Ömer Turhan. Open-Source Automation in Cyber Incident Response Processes: A Low-Code-Based Continuous Detection, Verification, and Response Architecture. BUJSE. 01 Haziran 2026;19(1):32-54. doi:10.20854/bujse.1918683