clab60917/RAG-LLM-SOC_analyst
SOC Analyst Level 1 Replacement using RAG LLM
This tool helps cybersecurity teams manage the overwhelming volume of server logs and security alerts. You feed it your logs (for example, firewall or server logs), and it answers natural-language questions about suspicious activity, failed logins, or general log summaries. The output is a clear, concise answer, acting like a Level 1 Security Operations Center (SOC) analyst.
No commits in the last 6 months.
Use this if your Level 1 SOC analysts are swamped with alerts and logs and you need an automated assistant to perform initial triage and answer common security queries quickly.
Not ideal if you need real-time threat detection from live data streams or require the system to automatically take actions like blocking IP addresses without human oversight.
Stars: 27
Forks: 5
Language: Python
License: MIT
Category:
Last pushed: Aug 16, 2024
Commits (30d): 0
Get this data via API
curl "https://pt-edge.onrender.com/api/v1/quality/rag/clab60917/RAG-LLM-SOC_analyst"
Open to everyone — 100 requests/day, no key needed. Get a free key for 1,000/day.
Higher-rated alternatives
LLAMATOR-Core/llamator
Red Teaming python-framework for testing chatbots and GenAI systems.
sleeepeer/PoisonedRAG
[USENIX Security 2025] PoisonedRAG: Knowledge Corruption Attacks to Retrieval-Augmented...
kelkalot/simpleaudit
Allows you to red-team your AI systems through adversarial probing. It is simple, effective, and...
JuliusHenke/autopentest
CLI enabling more autonomous black-box penetration tests using Large Language Models (LLMs)
SecurityClaw/SecurityClaw
A modular, skill-based autonomous Security Operations Center (SOC) agent that monitors...