No description available

Autonomous SOC Analyst (Agentic AI Security Automation)

Agentic SOC Analyst: A secure, local MCP server connecting Claude AI to Splunk Enterprise. Natural language threat hunting without data leaving your network.

No description available

Simple AI Agent for SOC Analysts

No description available

SentinelForge: Autonomous SOC analyst platform with AI agents for alert triage, log correlation, threat hunting, and incident response.

ThreatSage is a computer AI-based security agent that mimics the analyst's thinking within a Security Operations Center (SOC). It will analyze suspicious logs, enrich IP, and suggest actionable replies—driven by LLMs.

This project is an AI-powered multi-llm agent SOC (Security Operations Center) assistant that helps analysts investigate and triage security alerts. It leverages LangChain, LangGraph, and external threat intelligence APIs to automate enrichment and analysis.

An enterprise grade autonomous agentic operations platform engineered to detect, triage, and respond to threats across local area network environments while operating within strict governance and security guardrails.

No description available

An intelligent, automated SOC assistant that analyzes security alerts, triages incidents, and generates detailed investigation reports using AI.

No description available

AI-enhanced Security Operations Center (SOC) automation platform built with Python, SQLite, and Agent Zero. Implements log ingestion, detection engineering (SSH brute force & web scanning), incident lifecycle management, and AI-generated threat analysis via a local web dashboard.

No description available

AI-Driven SOC Automation Pipeline: Built with Python, Kali Linux, and Airia.ai to capture live malicious traffic (like SSH brute-force and ICMP floods), automatically calculate risk scores, and generate Tier-1 analyst reports using a strict defensive AI playbook.

AI-powered SOC analyst dashboard for alert triage, severity classification, MITRE ATT&CK mapping, and incident response guidance using a free local rule-based engine.

An automated Tier-1 Security Operations Center (SOC) Analyst agent built using LangChain, LangGraph, and Google Gemini. This tool autonomously investigates security alert tickets by correlating data across multiple security platforms to generate a comprehensive incident report.

No description available

No description available

No description available

An AI-assisted SOC workflow built in Python to help analysts investigate suspicious activity in Azure environments using Log Analytics, Microsoft Defender, and OpenAI.

AI-Powered SOC Analyst Agent with Azure ELK Stack integration

Autonomous SOC alert triage agent. Reduces analyst burnout using AI and reinforcement learning.

AI-powered SOC Analyst home lab using Python, packet capture, and an AI triage agent.

AI-powered SOC analyst agent for threat detection, vulnerability management, and automated response.

Autonomous SOC Analyst Agent (ASAA) simulates a Tier-1 SOC analyst by detecting anomalous behavior from application logs and autonomously generating security incidents with explanations and remediation steps using agentic AI.

A simulated compromised Linux server where an AI agent acts as a Tier-1 SOC analyst.

Professional MCP server for deep packet inspection. Transform Claude and AI agents into autonomous SOC analysts.

AI-Powered SOC Analyst Agent — Automated security log analysis, threat detection, MITRE ATT&CK mapping, and incident report generation