tirreno is an open-source security framework. Event tracking, threat detection, and risk scoring for any application.
Updated Feb 13, 2026 - PHP
Cloud Security Operations Orchestrator
vPrioritizer enables us to understand the contextualized risk (vPRisk) at the asset-vulnerability relationship level across the organization, so that teams can make more informed decisions about what (vulnerability/ies) they should remediate (or can afford not to) and on which (asset/s)
Security Analytics Engine - Anomaly Detection in Web Traffic
Detection of network traffic anomalies using unsupervised machine learning
Digital Twin Driven Security Analytics for the Industrial Internet of Things.
This repository contains an end-to-end walkthrough that leverages Google Cloud services to demonstrate Solution Accelerators for a few business domains
Plug into extended SecOps: Bring Google Cloud's analytics to your local network. tshark captures on-prem, GCP transforms to UDM. Scalable, event-driven, via Terraform.
Production-ready authentication framework that saves you weeks of development. Features enterprise-grade security: 2FA/TOTP, LDAP integration, intelligent rate limiting, session fingerprinting, brute-force protection, security analytics dashboard, comprehensive audit logging, and granular role-based access control.
An end-to-end AI system for detecting insider threats using a hybrid machine learning approach (Isolation Forest + XGBoost). Features a high-performance ETL pipeline using DuckDB, real-time inference via FastAPI, and integrated Explainable AI (SHAP) for transparent risk assessment on the CERT R4.2 dataset.
This project demonstrates SSH authentication log analysis using Splunk SIEM to detect malicious activity such as brute-force attacks, unauthorized access attempts, and suspicious SSH behavior. It simulates real-world SOC analyst workflows, including log ingestion, SPL queries, dashboards, and alerting.
🛡️ CyberSentinel – Threat Intel + Log Correlation Dashboard. An analyst-grade security tool that ingests threat intelligence, parses SSH/Apache logs, correlates IOCs, and generates real-time alerts.
LIZARD (visuaLized Indicators for Zonal Anomaly Risk Detection) - Interactive fraud pattern visualization and ML-based anomaly detection platform.
AI-powered Zero Trust cyber defense platform with real-time threat monitoring, global attack visualization, and predictive security analytics
End-to-end network security pipeline for phishing data detection with data validation, ETL processing, and MongoDB storage using Python.
A scalable, Lakehouse-based SIEM architecture using Apache Kafka, Spark, Hadoop, and Hive for real-time security threat detection and large-scale log analytics
🔐 Malware Detection System using classical ML models to classify and detect malicious software based on behavior and feature patterns.
Research SOC testbed for alert correlation and noise reduction. Zeek + Wazuh + Elastic. Includes generated attack telemetry, detections, metrics, and reproducible experiments
Python tool for turning noisy system logs into actionable security intelligence.
Cybersecurity risk intelligence dashboard analyzing CVE vulnerabilities, CVSS risk scores, and financial exposure using Power BI.