Research Paper | Computer Science and Engineering | Volume 15 Issue 5, May 2026 | Pages: 47 - 53 | United States
AI-Driven Contextual Risk Scoring Framework for PII-Aware Penetration Testing
Abstract: Modern automated penetration testing tools effectively identify application-layer vulnerabilities such as SQL Injection, Insecure Direct Object Reference (IDOR), Cross-Site Scripting (XSS), and authentication weaknesses. However, traditional vulnerability scoring systems emphasize technical severity and often overlook the business impact of exposed Personally Identifiable Information (PII), leading to suboptimal prioritization in enterprise environments. This paper presents an AI-Driven Contextual Risk Prioritization Framework for PII-aware penetration testing. The framework integrates AWS Security Agent outputs, API schema metadata, and a PII sensitivity taxonomy to construct enriched vulnerability context. An AI-based reasoning layer generates a Contextual Adjustment Factor (ACF), which is combined with PII sensitivity, exploitability, and exposure to produce a normalized risk score. Experimental results show improved prioritization of high-impact, data-sensitive vulnerabilities compared to CVSS-based approaches, while reducing the priority of lower-impact findings.
Keywords: Penetration Testing, PII Security, Risk Scoring, Artificial Intelligence, Vulnerability Prioritization
How to Cite?: Umashankara Kalaiah, "AI-Driven Contextual Risk Scoring Framework for PII-Aware Penetration Testing", Volume 15 Issue 5, May 2026, International Journal of Science and Research (IJSR), Pages: 47-53, https://www.ijsr.net/getabstract.php?paperid=SR26430035842, DOI: https://dx.doi.org/10.21275/SR26430035842