Large language models (LLMs) present a dual role in cybersecurity—serving both as intelligent enablers and emerging sources of security risk. Method: We propose an LLM-augmented framework that integrates semantic understanding and contextual reasoning for core tasks including threat detection, vulnerability assessment, and incident response, extending it to IoT, blockchain, and hardware security domains; concurrently, we conduct the first systematic analysis of LLM-specific vulnerabilities—such as prompt injection, training data leakage, and inference logic drift—and introduce a layered defense strategy. Contribution/Results: We establish a co-governance framework balancing application efficacy and intrinsic security, identify key technical bottlenecks hindering scalable deployment, and validate effectiveness across multiple real-world case studies. This work provides theoretical foundations and practical pathways for building robust, trustworthy, and future-ready LLM-enhanced cyber defense systems.

Large Language Models (LLMs) are transforming cybersecurity by enabling intelligent, adaptive, and automated approaches to threat detection, vulnerability assessment, and incident response. With their advanced language understanding and contextual reasoning, LLMs surpass traditional methods in tackling challenges across domains such as IoT, blockchain, and hardware security. This survey provides a comprehensive overview of LLM applications in cybersecurity, focusing on two core areas: (1) the integration of LLMs into key cybersecurity domains, and (2) the vulnerabilities of LLMs themselves, along with mitigation strategies. By synthesizing recent advancements and identifying key limitations, this work offers practical insights and strategic recommendations for leveraging LLMs to build secure, scalable, and future-ready cyber defense systems.