llm-kb
← Back to products
Productlaunched

AI SOC Analyst for alert triage using Wazuh, n8n, and LLM

An automated Tier-1 SOC triage pipeline that ingests alerts from Wazuh, orchestrates workflows with n8n, and uses a 70B LLM to analyze and prioritize alerts. It reduces analyst fatigue by filtering noise and surfacing real threats.

Visit project ↗
0 engagement·1 source·Mon, Jul 13, 2026, 10:59 AM
The system connects Wazuh (SIEM) to n8n (automation) and a 70B language model. The LLM evaluates each alert's context, severity, and potential impact, then assigns a priority score. Analysts only review high-priority alerts. The author claims it handles thousands of alerts per day with minimal false positives. Tech stack: Wazuh, n8n, 70B LLM (likely open-source). No traction metrics provided.

Entities

n8n(tool)Wazuh(tool)70B model(model)

Related

Product

AI agent converting threat intel to Sigma rules and SIEM detections

DetectionForge is an open-source AI agent that autonomously converts raw threat intelligence into validated Sigma rules and ready-to-deploy SIEM detections. It uses LLMs to translate intelligence and validate/repair its own outputs, solving the problem of security teams needing days to operationalize threat intel.

1 engagement·1 source·reddit
Sat, Jul 11, 2026, 08:36 AM
Product

Multi-LLM ensemble platform for automated 0-day discovery and disclosure

0day Rubbish is an AI-driven platform that uses a multi-LLM ensemble to automatically discover and disclose critical zero-day vulnerabilities. It combines multiple large language models to analyze software, find exploits, and produce working proof-of-concepts. The platform aims to help security researchers and organizations identify severe vulnerabilities faster, with a first case study demonstrating a CVSS 9.8 unauthenticated RCE chain in Cisco CUCM 14.0.

1 engagement·1 source·hackernews
Wed, Jul 8, 2026, 03:51 AM
Product

Synapse: AI-powered bug detection before code is written

Synapse is a tool that uses LLMs to analyze software architecture and specifications to catch bugs before code is written. It addresses the problem of LLMs missing critical insights in security-critical and data-integrity projects, helping developers avoid bugs early in the development process.

2 engagement·1 source·reddit
Mon, Jul 13, 2026, 09:25 AM
Product

Isitsecure: 1-command SAST, DAST, and LLM security scanner for web apps

Isitsecure is an open-source tool that performs Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and LLM-specific security scanning with a single command. It helps developers, especially those using AI-generated code, identify and exploit security vulnerabilities automatically. The tool addresses the problem of insecure AI-generated code by combining SAST findings with DAST exploitation attempts.

2 engagement·1 source·hackernews
Sun, Jul 12, 2026, 08:07 PM
Product

NeatContext: lightweight desktop app to give LLMs domain knowledge for oncall incident handling

NeatContext is a desktop application that lets LLMs access domain knowledge to handle oncall incidents more accurately. It solves the problem of SRE agents lacking domain-specific context, enabling better incident response without heavy infrastructure.

4 engagement·1 source·hackernews
Sun, Jul 12, 2026, 04:39 PM