Mission Control for Your Operations

Practical DFIR and incident response playbooks covering phishing, malware, ransomware, insider threats, and cloud security incidents for SOC and IR teams.

Ask your logs what happened. Evidence-based incident explanations from logs: no dashboards, no chat, no hallucinations.

An agent driven incident investigation platform

Deterministic replay and distributed incident forensics for first-failure and blast-radius analysis.

Structured investigation method: 5 Ws + 5 Whys with Bayesian reasoning, causal DAG traversal, and formal proofs. For any domain — engineering incidents, business failures, medical diagnosis, personal decisions.

AI-powered incident analysis system using LLMs, FAISS vector search, and structured remediation planning

Python + Power BI project analyzing ServiceNow IT incident data. Identifies SLA breaches, delay patterns, and workload inefficiencies using statistical validation (Z-Test, ANOVA) and interactive KPI dashboards.

Self-arguing multi-agent LLM system for cybersecurity incident analysis that treats disagreement and uncertainty as first-class outputs instead of forcing single verdicts.

🛡️ A comprehensive web application built with Next.js for conducting systematic risk evaluations and root cause analysis. Features multi-step forms for project data collection, potential hazard assessment, immediate and basic cause identification, and corrective action planning.

av-safety-parser extracts aviation incident details from unstructured text, outputting standardized data on incident type, aircraft, and risks.

AI incident analysis agent over logs and metrics with anomaly detection, correlation, root-cause analysis, and LLM-assisted reporting.

Cloud-native Incident- und Replay-Plattform zur auditierbaren Analyse, Nachverfolgung und Wiederholung verteilter Transaktionen in Banking- und Enterprise-Systemen, mit Fokus auf Observability, Sicherheit und Event-Driven Architecture.

Threat hunting investigation analyzing Tor Browser activity using Microsoft Defender telemetry, KQL, and structured incident reporting.

CZB Security Lab public notes for Web3 security research and defensive wallet-risk analysis.

Case study on the 2023 T-Mobile data breach — attack path, scope, and regulatory implications.

issue-detection automation tool

🕸️ 3- Distributed platform for intelligent analysis of incidents in Artificial Intelligence systems, based on **MCP (Model Context Protocol)**, with structured communication among agents, services, and specialized servers for investigation, classification, traceability, and decision-making support.

A growing collection of structured TryHackMe walkthroughs as I train for SOC Analyst roles. Focused on enumeration, exploitation, and blue team techniques aligned with the SOC Level 1 path.