M507/AI-SOC-Agent
Black Hat 2025 presentation and codebase: AI SOC agent & MCP server for automated security investigation, alert triage, and incident response. Integrates with ELK, IRIS, and other platforms.
SamiGPT is an AI-powered platform designed for Security Operations Centers (SOC) that automates the investigation and response to security alerts. It takes in security alerts from your SIEM and EDR systems, analyzes them using AI agents, and outputs categorized cases, incident summaries, and automated responses (like isolating an endpoint or enriching threat intelligence). Security analysts, incident responders, and SOC managers would use this to streamline their daily workflows.
Use this if you need to automate alert triage, incident investigation, and response across multiple security tools like SIEM, EDR, and case management systems, to reduce manual workload and speed up resolution.
Not ideal if you're looking for a standalone security product that requires no integration or technical setup, as this project requires connecting to existing security infrastructure and potentially configuring AI tools.
Stars: 21
Forks: 3
Language: Python
License: MIT
Category:
Last pushed: Dec 28, 2025
Commits (30d): 0
Get this data via API
curl "https://pt-edge.onrender.com/api/v1/quality/mcp/M507/AI-SOC-Agent"
Open to everyone — 100 requests/day, no key needed. Get a free key for 1,000/day.
Higher-rated alternatives
Wh0am123/MCP-Kali-Server
MCP configuration to connect AI agent to a Linux machine.
DMontgomery40/pentest-mcp
NOT for educational purposes: An MCP server for professional penetration testers including...
BurtTheCoder/mcp-shodan
MCP server for Shodan — search internet-connected devices, IP reconnaissance, DNS lookups, and...
cyproxio/mcp-for-security
MCP for Security: A collection of Model Context Protocol servers for popular security tools like...
0x4m4/hexstrike-ai
HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot,...