Research
RuleForge: AWS Internal System Auto-Generates WAF Detection Rules From CVE Descriptions Using LLMs
AWS researchers present RuleForge, an internal system that automatically generates JSON-based HTTP detection rules from structured CVE descriptions, addressing the gap where 48,000+ new CVEs were published in 2025 but manual rule creation can't keep pace. The system uses LLMs with RAG to produce rules that identify malicious HTTP requests exploiting specific vulnerabilities. For security teams running WAFs, this represents the automation of a critical bottleneck in vulnerability response.
Source
↳ Follow the thread