AI SOC Analyst for alert triage using Wazuh, n8n, and LLM
An automated Tier-1 SOC triage pipeline that ingests alerts from Wazuh, orchestrates workflows with n8n, and uses a 70B LLM to analyze and prioritize alerts. It reduces analyst fatigue by filtering noise and surfacing real threats.
Visit project ↗Entities
Related
AI agent converting threat intel to Sigma rules and SIEM detections
DetectionForge is an open-source AI agent that autonomously converts raw threat intelligence into validated Sigma rules and ready-to-deploy SIEM detections. It uses LLMs to translate intelligence and validate/repair its own outputs, solving the problem of security teams needing days to operationalize threat intel.
Multi-LLM ensemble platform for automated 0-day discovery and disclosure
0day Rubbish is an AI-driven platform that uses a multi-LLM ensemble to automatically discover and disclose critical zero-day vulnerabilities. It combines multiple large language models to analyze software, find exploits, and produce working proof-of-concepts. The platform aims to help security researchers and organizations identify severe vulnerabilities faster, with a first case study demonstrating a CVSS 9.8 unauthenticated RCE chain in Cisco CUCM 14.0.
Synapse: AI-powered bug detection before code is written
Synapse is a tool that uses LLMs to analyze software architecture and specifications to catch bugs before code is written. It addresses the problem of LLMs missing critical insights in security-critical and data-integrity projects, helping developers avoid bugs early in the development process.
Isitsecure: 1-command SAST, DAST, and LLM security scanner for web apps
Isitsecure is an open-source tool that performs Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and LLM-specific security scanning with a single command. It helps developers, especially those using AI-generated code, identify and exploit security vulnerabilities automatically. The tool addresses the problem of insecure AI-generated code by combining SAST findings with DAST exploitation attempts.
NeatContext: lightweight desktop app to give LLMs domain knowledge for oncall incident handling
NeatContext is a desktop application that lets LLMs access domain knowledge to handle oncall incidents more accurately. It solves the problem of SRE agents lacking domain-specific context, enabling better incident response without heavy infrastructure.

