AI-SOC · SOAR Engineering · Agent Security

Building Secure AI Agents for SOC, SOAR, and Incident Response.

I design automation-first cybersecurity systems that connect AI agents, SIEM, SOAR, threat intelligence, and response workflows — with guardrails, auditability, and human control built in.

Read Research View Sample Report
Focus Automation-first Security
Stack SOAR · MCP · AI Agents
Discipline Human-in-the-loop Defense
About

Cybersecurity automation meets agentic AI.

I build secure AI-agent workflows for SOC, SOAR, MCP, incident response, and cybersecurity automation.

I work across SOAR engineering, AI security, incident response automation, and agentic security workflows. My focus is building practical systems where AI can assist SOC teams safely: querying tools, enriching IOCs, triaging alerts, recommending actions, and escalating with human approval.

15+
SOAR playbooks shipped to production environments
6
SIEM and EDR platforms integrated with AI agent layers
100%
Human-in-the-loop on destructive actions, by design
4
Open research projects on agent & MCP security
Expertise

Six disciplines, one operating model for secure automation.

Each domain feeds the next. Engineer playbooks, gate them with guardrails, plug them into your stack, and keep humans in control of the moments that matter.

SOAR Playbook Engineering

Production-grade playbooks for phishing, malware, EDR isolation, and SIEM enrichment — patterned, versioned, and reusable across tenants.

AI Agent Security

Threat modeling for tool-calling agents — covering prompt injection, data exfiltration, scope escalation, and untrusted-content boundaries.

MCP & Tool Guardrails

Policy, scoping, and auditing for MCP servers — controlling which tools an agent may invoke, with which arguments, under which approval mode.

Incident Response Automation

End-to-end flows from alert ingestion through containment — automated where safe, human-approved where consequential, fully audited end to end.

Threat Intelligence Enrichment

IOC enrichment chains across VirusTotal, Shodan, AbuseIPDB, and internal CTI — normalized scoring, deduplicated, agent-consumable JSON.

SIEM / SOC Workflow Design

Detection-to-action pipelines that reduce analyst toil — alert deduplication, severity calibration, and clean handoff into automation tiers.

Featured Projects

What I'm building right now.

Open and internal projects spanning agent guardrails, lab environments for AI-driven SOC work, prompt-injection defenses, and reusable SOAR blueprints.

MCP Guardian

Active

A security layer for monitoring and controlling AI agent tool usage across MCP servers — policy gates, call inspection, scope enforcement, and an audit trail.

MCP Python FastAPI OPA
Catches scope-violating tool calls before they reach the network boundary.
View Project

Agentic SOC Lab

Beta

A lab for testing AI-driven alert triage, IOC enrichment, and response workflows — synthetic telemetry, scoped tools, and a replay harness for tuning.

LangChain Claude Splunk Docker
Measures triage accuracy and false-positive rates per agent revision.
View Project

Prompt Injection Defense Kit

Research

Experiments and controls to detect prompt injection, tool misuse, and data exfiltration attempts — a rule and classifier hybrid with measured efficacy.

OpenAI Classifiers Python Eval Suite
Layered defenses with separate detection for input, output, and tool args.
View Project

SOAR Automation Blueprints

Active

Reusable playbook patterns for phishing, malware alerts, EDR isolation, SIEM enrichment, and incident escalation — opinionated, tested, and tenant-portable.

XSOAR Tines Sentinel QRadar
Drops mean-time-to-respond by collapsing repeated analyst toil into patterns.
View Project
Workflow

From raw alert to audited action.

Seven stages. AI accelerates the middle. Humans remain in control of the moments where consequence and reversibility diverge.

01
Alert
Ingestion
02
AI
Triage
03
IOC
Enrichment
04
Risk
Scoring
05 · GATE
Human
Approval
06
SOAR
Action
07
Audit
Trail
Tools & Platforms

The stack I work across.

Vendor-agnostic by design. The patterns matter more than the vendor — but the integrations are real and shipped.

SOAR & SIEM
IBM SOAR
Google SecOps
Chronicle
Cortex XSOAR
Splunk SOAR
Tines
QRadar
Microsoft Sentinel
EDR & Threat Intelligence
CrowdStrike
SentinelOne
VirusTotal
Shodan
AbuseIPDB
AI & Automation
Python
MCP
Claude
OpenAI
LangChain
FastAPI
Docker
GitHub Actions
What I work on

The work I focus on.

Security reviews and builds for teams shipping AI agents and modernizing security operations — secure architecture, guardrailed tool execution, and audit-ready agent execution. These are the areas I study, build, and write about.

See all
Proof of Work

Evidence, not claims.

Repositories, diagrams, demos, test packs, blueprints, audit samples, case studies, and reports — the artifacts behind the positioning.

Case Study Previews

Selected work in concise executive form.

Problem, solution, result — three projects that show how the patterns land in real environments.

CS — 01

Phishing Mailbox Automation

Production
Problem
Analysts spent the first hour of each shift triaging reported phishing mailbox — repetitive, slow, prone to drift.
Solution
AI-assisted classifier, header and URL enrichment, attachment detonation, and a one-click contain action gated by analyst approval.
Result
~72% of reports auto-triaged with zero false-positive containment over the eval window.
CS — 02

AI-Assisted IOC Enrichment

Pilot
Problem
IOC enrichment was fragmented across 6 tools, with inconsistent confidence scoring and noisy duplicates.
Solution
An agent that calls scoped enrichment tools, reconciles results, normalizes confidence, and writes a single structured artifact back to the case.
Result
Enrichment time down ~80% with a consistent, agent-consumable schema across cases.
CS — 03

Guardrailed Agent Tool Execution

Research
Problem
An internal LLM agent had broad MCP tool access — no scoping, no policy gate, no audit trail on tool arguments.
Solution
A guardrail proxy in front of MCP servers — per-tool policy, argument validation, redaction, and a tamper-evident audit log per session.
Result
Scope violations dropped to zero in red-team eval; every call is now reviewable and replayable.
Writing & Research

Topical notes on AI-SOC, agent security, and SOAR.

Field notes on practical AI-SOC design — modeled threats, working defenses, and the engineering it takes to make them safe in production.

All research
FAQ

Frequently asked questions.

Short, technical answers about AI-SOC, SOAR automation, agent security, MCP, and human-in-the-loop response design.

What is AI Agent Security?
Agent Security is the practice of protecting AI agents from unsafe tool use, prompt injection, data leakage, privilege misuse, and uncontrolled automation when they interact with real systems such as SIEM, SOAR, EDR, threat intelligence platforms, and ticketing tools.
What is SOAR Automation?
SOAR Automation orchestrates security playbooks across SIEM, EDR, threat intelligence, and ticketing systems so analysts can move from alert to response with consistent, auditable steps and fewer manual handoffs.
What is MCP Security?
MCP Security is the set of policy, scoping, and audit controls applied to Model Context Protocol servers so AI agents can only call sanctioned tools, with validated arguments, under explicit approval modes, and with tamper-evident logs.
What is AI-SOC?
AI-SOC describes a Security Operations Center augmented by AI agents that triage alerts, enrich indicators of compromise, draft response actions, and escalate to humans for decisions that change state or impact users.
How can AI agents help SOC teams?
AI agents accelerate the repetitive middle of incident handling: deduplicating alerts, enriching IOCs across threat intelligence sources, drafting case notes, and recommending playbook branches. Humans retain control over containment, notification, and irreversible actions.
What are the risks of connecting AI agents to SOAR tools?
Direct agent-to-SOAR access creates risk of over-permissioned actions, prompt-injection-driven tool misuse, scope escalation, exfiltration through tool arguments, and untraceable changes. A guardrail layer with policy enforcement, argument validation, and audit logging mitigates these.
How can prompt injection affect tool-calling agents?
Prompt injection can manipulate a tool-calling agent into ignoring its system instructions, leaking secrets, calling unsanctioned tools, or supplying attacker-controlled arguments to legitimate ones. Layered detection on input, output, and tool arguments is required.
What is human-in-the-loop SOAR automation?
Human-in-the-loop SOAR places an explicit approval gate before any action that changes state, isolates a host, blocks a user, or notifies stakeholders. Automation handles enrichment and recommendation; humans authorize consequence.
How do you secure AI agents connected to SIEM and SOAR platforms?
Pair the agent with a policy engine that scopes tool access, validates arguments, redacts sensitive fields, gates destructive calls behind approval, and writes a tamper-evident audit log keyed to session, agent, and operator identity.
Why do AI-agent actions need audit trails?
Without an audit trail, AI-driven actions are unreviewable and unreplayable. Tamper-evident logs of every tool call, argument, and approval are required for incident review, compliance, and trust in autonomous workflows.
Let's connect

Let's build secure automation for the AI-SOC era.

Focused on practical cybersecurity automation, safe AI agents, and enterprise-ready SOAR workflows.