tirreno is an open-source security framework. Event tracking, threat detection, and risk scoring for any application.
Updated Apr 7, 2026 - PHP
Cloud Security Operations Orchestrator
vPrioritizer enables us to understand the contextualized risk (vPRisk) at the asset-vulnerability relationship level across the organization, so teams can make more informed decisions about which vulnerability/ies they should remediate (or can afford not to) and on which asset/s.
Security Analytics Engine - Anomaly Detection in Web Traffic
Detection of network traffic anomalies using unsupervised machine learning
Digital Twin Driven Security Analytics for the Industrial Internet of Things.
This repository contains an end-to-end walkthrough that leverages Google Cloud services to demonstrate Solution Accelerators for a few business domains.
Plug into extended SecOps: Bring Google Cloud's analytics to your local network. tshark captures on-prem, GCP transforms to UDM. Scalable, event-driven, via Terraform.
Production-ready authentication framework that saves you weeks of development. Features enterprise-grade security: 2FA/TOTP, LDAP integration, intelligent rate limiting, session fingerprinting, brute-force protection, security analytics dashboard, comprehensive audit logging, and granular role-based access control.
An end-to-end AI system for detecting insider threats using a hybrid machine learning approach (Isolation Forest + XGBoost). Features a high-performance ETL pipeline using DuckDB, real-time inference via FastAPI, and integrated Explainable AI (SHAP) for transparent risk assessment on the CERT R4.2 dataset.
This project demonstrates SSH authentication log analysis using Splunk SIEM to detect malicious activity such as brute-force attacks, unauthorized access attempts, and suspicious SSH behavior. It simulates real-world SOC analyst workflows, including log ingestion, SPL queries, dashboards, and alerting.
LIZARD (visuaLized Indicators for Zonal Anomaly Risk Detection) - Interactive fraud pattern visualization and ML-based anomaly detection platform.
🛡️ CyberSentinel – Threat Intel + Log Correlation Dashboard. An analyst-grade security tool that ingests threat intelligence, parses SSH/Apache logs, correlates IOCs, and generates real-time alerts.
🔐 Malware Detection System using classical ML models to classify and detect malicious software based on behavior and feature patterns.
Splunk project analyzing simulated Linux syslog data to detect brute-force login attempts, error rate anomalies, escalated warnings, and correlated security events. Demonstrates advanced SPL, time-window correlation, lookup-based classification, and real-world SOC/SRE insights through storytelling dashboards.
ATTACK-Navi — Angular 19 MITRE ATT&CK workbench with 24 heatmap modes, MISP/OpenCTI integrations, and analyst workflows across coverage, exposure, detection, and defense.
Cybersecurity risk intelligence dashboard analyzing CVE vulnerabilities, CVSS risk scores, and financial exposure using Power BI.
SENTINEL is an immersive insider threat detection and training platform designed for security analysts, SOC teams, and IT professionals. Featuring a fully simulated UEBA (User and Entity Behavior Analytics) environment, interactive threat simulations, and a comprehensive indicators of compromise (IOCs) library 🔒👨🏿‍💻
A scalable, Lakehouse-based SIEM architecture using Apache Kafka, Spark, Hadoop, and Hive for real-time security threat detection and large-scale log analytics
End-to-end network security pipeline for phishing data detection with data validation, ETL processing, and MongoDB storage using Python.