Agentic SOC Platform is an open-source security operations platform built on Agentic AI, enabling agents to proactively participate in triage, investigation, enrichment, and knowledge accumulation so security teams can move from alert fatigue to AI-assisted decision-making.
Modules stream SIEM / Webhook alerts, extract IOCs, correlate related signals, and generate Cases, Alerts, and Artifacts so massive log volumes converge into a small number of actionable cases.
Compress hours of manual analysis into seconds, automatically producing severity, confidence, impact, priority, verdicts, and structured investigation reports.
Launch LLM investigation, knowledge extraction, threat intelligence enrichment, and CMDB enrichment around each Case, orchestrating traditional SOAR workflows and AI analysis in the same Playbook system.
Expose ASP capabilities to Claude Code / Codex / OpenCode and other Harness Agents through plugins and MCP, enabling agents to operate Cases, search logs, query threat intelligence, and write modules and playbooks directly.
Support Splunk and ELK configuration, unified log search, and Webhook alert ingestion so LLMs, agents, and analysts all work with the same security context.
Automatically enrich IOCs and Artifacts with reputation, pulses, asset, identity, and historical context so every suspicious entity appears with evidence for judgment.
Extract reusable knowledge from closed Case investigation records, response processes, and discussions, allowing organizational experience to grow with every response.
Local / LDAP login, user roles, API Keys, Inbox notifications, and Audit Log provide foundational governance so security operations no longer depend on fragmented tools.
Use Python Modules to adapt new SIEM rules and alert sources, and use Playbooks to orchestrate LLM analysis and automated actions so the platform grows with your security scenarios.
MIT licensed, fully local deployment supported. Security data stays inside your network, while the backend, frontend, and extension scripts remain clear and controllable.
Agentic SOC Platform has joined 404Starlink