This paper addresses the lack of applicability assessment for reinforcement learning (RL) and multi-agent RL (MARL) in AI-driven network defense under real-world constraints—such as data scarcity and adversarial interference—by proposing the first operational suitability evaluation framework. Methodologically, it integrates RL/MARL, explainable AI (XAI), and cybersecurity modeling to systematically quantify performance across five dimensions: policy optimality, collaboration level, interpretability, exploration efficiency, and operational integration. Crucially, it unifies algorithm selection, training robustness, and deployment feasibility into a single cohesive assessment paradigm and delivers a structured practical guideline. The framework bridges the gap between theoretical advances and industrial deployment, significantly enhancing the effectiveness, trustworthiness, and deployability of AI-based defense strategies. It provides a reusable, methodology-driven foundation for automated network defense.

Reinforcement Learning (RL) and Multi-Agent Reinforcement Learning (MARL) have emerged as promising methodologies for addressing challenges in automated cyber defence (ACD). These techniques offer adaptive decision-making capabilities in high-dimensional, adversarial environments. This report provides a structured set of guidelines for cybersecurity professionals and researchers to assess the suitability of RL and MARL for specific use cases, considering factors such as explainability, exploration needs, and the complexity of multi-agent coordination. It also discusses key algorithmic approaches, implementation challenges, and real-world constraints, such as data scarcity and adversarial interference. The report further outlines open research questions, including policy optimality, agent cooperation levels, and the integration of MARL systems into operational cybersecurity frameworks. By bridging theoretical advancements and practical deployment, these guidelines aim to enhance the effectiveness of AI-driven cyber defence strategies.