Human-in-the-Loop
AuroraSOC follows a human-in-the-loop philosophy: AI agents handle analysis and correlation, but critical decisions require human authorisation. This keeps the operator accountable while letting the AI do the heavy lifting.
When humans are involved
Action classification
| Category | Actions | Approval Required |
|---|---|---|
| Read-Only | SIEM search, IOC lookup, log correlation, MITRE mapping | Never |
| Low-Impact | Create case, add timeline entry, generate report | Never |
| Medium-Impact | Block IP, run scan, enrich IOC | Only for critical assets |
| High-Impact | Isolate host, disable user account | Always |
| Irreversible | Revoke certificate, delete data | Always, with escalation |
Approval workflow
When an agent determines human approval is needed:
- The agent calls the RequestHumanApproval tool.
- A pending approval record is created in PostgreSQL with a configurable TTL (default 30 minutes).
- The analyst is notified via WebSocket.
- The agent polls for the decision while the analyst reviews the context.
- On approval the agent continues with the action. On rejection it takes an alternative path.
Approval record fields
| Field | Description |
|---|---|
| Case ID | Linked investigation case |
| Action Type | What action requires approval |
| Justification | AI agent's reasoning for the action |
| Context | Relevant alert and case data |
| Requested By | Agent type that requested the approval |
| Status | pending / approved / rejected / expired |
| TTL | Time-to-live, default 30 minutes, configurable |
| Decided By | Human analyst who decided |
| Decision Time | When the decision was made |
Approval states
Timeout handling
A background scheduler expires stale approvals. When an approval expires, the requesting agent receives the expired status and determines an alternative path (usually escalation), and an audit entry is created noting the missed approval. For time-critical actions the agent may create a new request with elevated urgency.
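The action classification table and the timeout rule above can be combined into a single gate, shown here as an added example that is not AuroraSOC's own code. The action identifiers, the function names, the fail-closed default for unlisted actions, and the read-time expiry check are assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

# Action names are hypothetical identifiers; categories follow the table above.
CATEGORY = {
    "siem_search": "read-only", "ioc_lookup": "read-only",
    "create_case": "low", "generate_report": "low",
    "block_ip": "medium", "run_scan": "medium", "enrich_ioc": "medium",
    "isolate_host": "high", "disable_user_account": "high",
    "revoke_certificate": "irreversible", "delete_data": "irreversible",
}

def approval_required(action: str, critical_asset: bool) -> bool:
    # Assumption: an action missing from the map is treated as high-impact (fail closed).
    category = CATEGORY.get(action, "high")
    if category in ("read-only", "low"):
        return False
    if category == "medium":
        return critical_asset  # only for critical assets
    return True  # high and irreversible: always

@dataclass
class Approval:
    action: str
    requested_at: datetime
    ttl: timedelta = timedelta(minutes=30)  # default TTL stated on the page
    status: str = "pending"  # pending / approved / rejected / expired
    decided_by: Optional[str] = None

def effective_status(rec: Approval, now: datetime) -> str:
    # Assumption: expiry is also evaluated at read time, so a record the
    # background scheduler has not swept yet still reads as expired.
    if rec.status == "pending" and now >= rec.requested_at + rec.ttl:
        return "expired"
    return rec.status

def decide(rec: Approval, analyst: str, approve: bool, now: datetime) -> str:
    # A decision is accepted only while the record is pending; a late click
    # cannot turn an expired request into an approved one.
    rec.status = effective_status(rec, now)
    if rec.status == "pending":
        rec.status = "approved" if approve else "rejected"
        rec.decided_by = analyst
    return rec.status

def may_execute(action: str, critical_asset: bool,
                rec: Optional[Approval], now: datetime) -> bool:
    if not approval_required(action, critical_asset):
        return True
    return (rec is not None and rec.action == action
            and effective_status(rec, now) == "approved")
```

Binding the approval to its action in `may_execute` keeps an approval for one action from being reused to authorise a different one.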
Audit trail
Every HITL interaction is logged to the audit table and the aurora:audit Redis stream. Each entry records the timestamp, agent type, action, target, decision, deciding analyst, justification, and response time. This provides compliance evidence, performance metrics, and training data for future automation tuning.
Why not fully automate
Even at high confidence, several reasons keep humans in the loop:
- Legal liability: Isolating a production server has business impact. Humans authorise.
- False positive risk: At 95% confidence, 5% of isolated hosts would be isolated in error.
- Context the AI lacks: A scheduled maintenance might look like an attack.
- Trust building: Organisations adopt AI incrementally. HITL builds trust.
- Regulatory requirements: Many frameworks mandate human oversight for critical actions.
As trust increases, the approval thresholds can be adjusted to allow more autonomous action.