Open-source AI-powered Security Operations Center — alert fusion, purple-team drills, agent-assisted triage, MITRE ATT&CK investigation. MIT-licensed, self-hostable.
Updated Jun 9, 2026 - Python
Intelligent SOC automation framework powered by LangGraph multi-agent workflows for alert triage, correlation, and incident response
n8n workflow that pipes Wazuh SIEM alerts through Claude Haiku for AI triage. ~$0.001 per alert. Slack output with risk assessment + investigation commands.
SOC sub-engine: uses agent-skills technology to give the SOC platform AI capabilities for analysing, investigating and responding to SOC alerts.
Hands-on cybersecurity portfolio featuring GRC, SOC/SIEM, Incident Response, and Automation projects. Includes risk assessments, Splunk log analysis, IR playbooks, and a full enterprise capstone case study.
SentinelForge: Autonomous SOC analyst platform with AI agents for alert triage, log correlation, threat hunting, and incident response.
Hands-on SOC Analyst lab portfolio — alert triage, reporting, escalation, and workbook-driven investigations (30-day project)
OpsPilot Discord-native AI on-call team that triages alerts, creates safe PRs, and manages incidents automatically.
AML triage prototype - This is a small Python prototype demonstrating how transaction monitoring alerts can be risk-scored and summarised for investigator review.
Our reusable, modifiable prompts and simple agents that are included within the Arcanna platform and invokable via Arcanna's AI Assistant
SOC / DFIR investigations portfolio with hands-on lab cases covering SIEM alert triage, Phishing Analysis, Malware analysis, Endpoint detection, Network Analysis. Built to demonstrate practical SOC Analyst L1/L2 and DFIR skills.
🤖 Automate incident response with OpsPilot, your Discord-based AI on-call team that triages issues and deploys safe PRs in minutes.
A local-LLM SOC analyst: an L1 agent (Gemma via Ollama) triages overnight SIEM alerts, learns benign patterns, and escalates only what it cannot resolve to an L2 (Claude) review. Runs on-box, free.
SOC alert investigations, SIEM practice labs, and incident analysis exercises completed on LetsDefend.
SOAR alert triage automation — n8n + 5 threat intel APIs, composite risk scoring, MITRE ATT&CK mapping. Auto-triages phishing and IP/URL alerts.
Welcome to my cybersecurity hub! As a Computer Science graduate, I am using this space to explore, build, and document hands-on infrastructure and defensive security homelabs. My goal is to translate academic theory into practical security operations as I pursue a career as a SOC Analyst or Network Support Specialist.
A risk-based fraud alert triage system that scores transactions, prioritizes alerts by severity, and applies proportionate remediation actions to minimize financial loss while preserving customer experience.
SOC incident response simulation demonstrating alert triage, investigation steps, and incident documentation.
Splunk-based TryHackMe write-up covering alert triage, brute-force analysis, scheduled task persistence, and web shell investigation.
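Several of the entries above (the n8n SOAR flow with composite risk scoring and ATT&CK mapping, the local-LLM L1 agent that learns benign patterns, the risk-based fraud triage that applies proportionate remediation) share one core: score each alert from several signals, bucket it into a severity tier, and choose an action that matches the tier. The block below is an added example of that pattern, not code from any repository listed here; the technique weights, tier thresholds, feed counts, host names and sample alerts are all assumed for illustration.

```python
"""Composite risk scoring and tiered triage for SIEM alerts.

Added example for the alert-triage topic; not code from any project listed
on this page. All weights, thresholds and sample alerts are constructed.
"""
from dataclasses import dataclass

# Assumed per-technique base weights (the ATT&CK IDs are real, the weights are not)
TECHNIQUE_WEIGHT = {
    "T1110": 30,       # Brute Force
    "T1053": 40,       # Scheduled Task/Job (persistence)
    "T1505.003": 70,   # Web Shell
    "T1566": 45,       # Phishing
}
DEFAULT_WEIGHT = 20    # detection rule with no technique mapping

# Score thresholds -> triage tier and action (assumed values)
TIERS = (
    (80, "critical", "escalate_l2_and_contain"),
    (50, "high", "analyst_review"),
    (25, "medium", "enrich_and_queue"),
    (0, "low", "auto_close"),
)


@dataclass
class Alert:
    alert_id: str
    technique: str          # ATT&CK technique ID attached by the detection rule
    asset_criticality: int  # 1 (lab box) .. 5 (domain controller)
    intel_hits: int         # threat-intel feeds that flagged the indicator
    intel_queried: int      # feeds consulted
    src_host: str
    dst_host: str


def composite_score(alert: Alert, benign_patterns: set[tuple[str, str]]) -> int:
    """Combine technique weight, intel consensus and asset value into 0..100."""
    score = TECHNIQUE_WEIGHT.get(alert.technique, DEFAULT_WEIGHT)
    if alert.intel_queried:
        # fraction of feeds agreeing, scaled to at most 30 points
        score += round(30 * alert.intel_hits / alert.intel_queried)
    score += 10 * alert.asset_criticality
    if (alert.technique, alert.src_host) in benign_patterns:
        # a pattern analysts previously closed as benign is discounted, not dropped,
        # so the same pattern against a critical asset still surfaces
        score //= 2
    return max(0, min(100, score))


def triage(alert: Alert, benign_patterns: set[tuple[str, str]]) -> dict:
    """Map the composite score onto a tier and a proportionate action."""
    score = composite_score(alert, benign_patterns)
    for threshold, tier, action in TIERS:
        if score >= threshold:
            return {"alert_id": alert.alert_id, "score": score,
                    "tier": tier, "action": action}
    raise AssertionError("unreachable: lowest tier threshold is 0")


# Constructed sample alerts (not real telemetry)
SAMPLE_ALERTS = [
    Alert("A-1", "T1110", 2, 0, 5, "10.0.0.5", "vpn-gw"),         # brute force, no intel hits
    Alert("A-2", "T1505.003", 5, 4, 5, "203.0.113.7", "web-01"),  # web shell on a critical host
    Alert("A-3", "T1053", 1, 0, 5, "build-runner", "build-01"),   # scheduled task on a lab box
]
# Benign pattern learned from earlier closures: the CI runner creates scheduled tasks
BENIGN_PATTERNS = {("T1053", "build-runner")}


def triage_batch(alerts=SAMPLE_ALERTS, benign_patterns=BENIGN_PATTERNS) -> list[dict]:
    """Triage a batch and return it ordered highest score first."""
    return sorted((triage(a, benign_patterns) for a in alerts), key=lambda r: -r["score"])


if __name__ == "__main__":
    for row in triage_batch():
        print(row)
```

Run it directly to see the three constructed alerts ranked: the web shell on the critical host saturates at 100 and is escalated, the brute force lands in analyst review, and the scheduled-task alert from the known CI runner is halved into the enrichment queue rather than silently closed.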