SentinLLM is a Proof of Concept (POC) designed for the TCS GenAI Internship application. It serves as a Multi-Agent Cyber Defense System that autonomously parses server logs, detects security threats (e.g., Brute Force, SQL Injection, Unauthorized Access), and recommends actionable mitigation strategies based on OWASP and Functional Safety (FuSa) standards.
- Orchestration: CrewAI (Agentic AI Framework)
- LLM Engine: Groq (Inference Speed) running Meta Llama 3.3-70b-Versatile
- Integration: LangChain
- Frontend: Streamlit
- Language: Python 3.13
SentinLLM employs a Multi-Agent Orchestration pattern where specialized autonomous agents collaborate to solve complex security tasks:
- Agent 1: SOC Analyst 🕵️‍♂️
  - Role: Detect patterns in raw logs.
  - Capabilities: Identifying Brute Force attacks, SQL Injections, and abnormal behavior.
  - Goal: Provide a structured analysis of threats.
- Agent 2: Security Engineer 🛠️
  - Role: Mitigation & Hardening.
  - Capabilities: Mapping threats to firewall rules (iptables/ufw) and code fixes.
  - Goal: Ensure system resilience and compliance with FuSa protocols.
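The two-stage flow described above (detect, then map to a mitigation), shown as a deterministic sketch. This is an added example, not SentinLLM's own code: the log formats, the threshold, and the names `analyze` and `mitigate` are assumptions, and the sample log is constructed.

```python
import ipaddress
import re
from collections import Counter
from urllib.parse import unquote_plus

# Constructed sample input (assumed sshd and combined-access-log line formats).
SAMPLE_LOG = """\
Jan 10 03:12:01 srv sshd[811]: Failed password for root from 203.0.113.7 port 4122 ssh2
Jan 10 03:12:03 srv sshd[811]: Failed password for root from 203.0.113.7 port 4123 ssh2
Jan 10 03:12:05 srv sshd[811]: Failed password for admin from 203.0.113.7 port 4124 ssh2
Jan 10 03:12:09 srv sshd[812]: Failed password for bob from 198.51.100.4 port 5000 ssh2
198.51.100.9 - - [10/Jan/2025:03:15:00 +0000] "GET /item?id=1%27%20OR%201=1-- HTTP/1.1" 200 512
192.0.2.10 - - [10/Jan/2025:03:16:00 +0000] "GET /index.html HTTP/1.1" 200 1024
"""

FAILED_LOGIN = re.compile(r"Failed password for \S+ from (\d{1,3}(?:\.\d{1,3}){3})")
ACCESS = re.compile(r'^(\d{1,3}(?:\.\d{1,3}){3}) .*?"[A-Z]+ (\S+) HTTP')
# Simple heuristic: quote, SQL comment, UNION SELECT, or a tautology like OR 1=1.
SQLI = re.compile(r"('|--|\bunion\b.*\bselect\b|\bor\b\s+\d+\s*=\s*\d+)", re.I)
BRUTE_FORCE_THRESHOLD = 3  # assumed: failed logins per source IP in one file

def analyze(log_text):
    """Stage 1 (SOC Analyst role): return a structured list of findings."""
    failures, findings = Counter(), []
    for line in log_text.splitlines():
        m = FAILED_LOGIN.search(line)
        if m:
            failures[m.group(1)] += 1
            continue
        m = ACCESS.match(line)
        # Decode the request target first so %27 etc. cannot hide the pattern.
        if m and SQLI.search(unquote_plus(m.group(2))):
            findings.append({"threat": "SQL Injection", "source_ip": m.group(1)})
    for ip, count in failures.items():
        if count >= BRUTE_FORCE_THRESHOLD:
            findings.append({"threat": "Brute Force", "source_ip": ip})
    return findings

def mitigate(finding):
    """Stage 2 (Security Engineer role): map a finding to a suggested action."""
    # Log content is attacker-influenced: validate the address before it goes
    # anywhere near a firewall command (raises ValueError if malformed).
    ip = ipaddress.ip_address(finding["source_ip"])
    if finding["threat"] == "Brute Force":
        return f"ufw deny from {ip} to any port 22"
    if finding["threat"] == "SQL Injection":
        return "code fix: use parameterized queries in the affected handler"
    return "manual review"
```

Calling `analyze(SAMPLE_LOG)` and passing each finding to `mitigate` yields one suggestion per finding; the single failed login from `198.51.100.4` stays below the threshold and is not reported.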
In modern automotive and industrial systems (ISO 26262), cybersecurity is a prerequisite for safety. SentinLLM demonstrates how Agentic AI can provide continuous monitoring and rapid response mechanisms, essential for maintaining the integrity and availability of safety-critical systems.
- Clone the Repository

  ```bash
  git clone https://github.com/your-username/SentinLLM.git
  cd SentinLLM
  ```

- Install Dependencies

  ```bash
  pip install -r requirements.txt
  ```

- Configure Environment: create a `.env` file in the root directory:

  ```
  GROQ_API_KEY=gsk_your_groq_api_key_here
  ```

- Run the Application

  ```bash
  streamlit run app.py
  ```

- Usage
  - Upload a server log file (`.txt` or `.log`).
  - Click "Run SentinLLM Analysis".
  - View the Threat Distribution Chart and detailed Mitigation Plan.
Built with ❤️ for the TCS GenAI Internship.