
msolimann2cs/safeagentsoc


SafeAgentSOC

SafeAgentSOC is a GRC-aware, tool-constrained AI SOC co-analyst prototype for reducing SOC alert fatigue through SIEM telemetry, alert normalization, incident case-building, context enrichment, LLM-assisted hypothesis generation, graph validation, risk scoring, GRC policy guardrails, constrained action recommendations, and human-in-the-loop approval.

Current Status

Phase 2 started: Scenario Design, Emulation, and Dataset Creation.

Current Sprint

Sprint 0: Workspace, dataset governance, and safety setup.

Phase 2 Goal

Create a controlled, labeled, MITRE-mapped Wazuh alert dataset across benign baseline, manual adversary emulation, Atomic Red Team validation, MITRE Caldera campaigns, and simulated-only high-risk gaps. The dataset will support later alert normalization, clustering, context enrichment, MITRE mapping, LLM hypothesis evaluation, graph validation, and policy-safe response evaluation.


About

SafeAgentSOC is a GRC-aware, tool-constrained AI SOC co-analyst prototype for reducing alert fatigue through Wazuh telemetry, alert normalization, case-building, context enrichment, LLM hypothesis generation, graph validation, and policy-safe response recommendations.
