Implementation of Generative Language Models in Cyber Exercise Secure Coding Using Prompt Engineering

Dublin Core

Title

Implementation of Generative Language Models in Cyber Exercise Secure Coding Using Prompt Engineering

Subject

Cyber Exercise;Generative Language Models; OWASP; Prompt Engineering; Secure Coding

Description

Utilizing Artificial Intelligence (AI) in various fields can open up great opportunities to improve cybersecurity. AI can effectively detect security threats, analyze attack patterns, and respond rapidly to changes in thecyber environment. Overthe times, the need for secure software is becoming increasingly urgent due to increasing vulnerabilities in software products. In 2022, the National Cyber and Crypto Agency (BSSN) recorded 2,348 cases of web defacement. One of theleading causes of these attacks is the need for more attention to secure coding practices during software development. Secure coding is also one of the critical aspects of implementing an Information Security Management System (ISMS), which is regulated in more detail in control 8.28 of ISO 27002:2022, where poor coding practices can trigger cyber-attacks and result in the breach of sensitive information assets. Therefore, a developer needs to have strong coding skills. This research explores the utilization of Large Language Models (LLMs), such as ChatGPT, in secure coding training to improve developer skills. Against the backdrop of increasing cybersecurity threats and a lack of attention to secure coding practices, LLMs are utilized as virtual assistantswith the Prompt Engineering method to provide immediate feedback and exercises to trainees. The LLM implementation was conducted in an ISO 22398-based learning environment, focusing on applying ISO 27001:2022 information security controls and material from OWASP Code Review GuideV2. The research provided a virtual lab Cyber Exercise Secure Coding to enhance developers' skills in secure coding practice

Creator

Jeckson Sidabutar1*, Alfido Osdie2

Source

https://jurnal.iaii.or.id/index.php/RESTI/article/view/6012/1044

Publisher

Cyber Security Engineering, Cyber Security,National Cyber and Crypto Polytechnic, Bogor, Indonesia

Date

16-04-2025

Contributor

FAJAR BAGUS W

Format

PDF

Language

ENGLISH

Type

TEXT

Files

Collection

Vol 9 No 2 (2025)

Citation

Jeckson Sidabutar1*, Alfido Osdie2, “Implementation of Generative Language Models in Cyber Exercise Secure Coding Using Prompt Engineering,” Repository Horizon University Indonesia, accessed January 26, 2026, https://repository.horizon.ac.id/items/show/10493.