MCP Guardian

Active

A security layer for monitoring and controlling AI-agent tool usage across MCP servers — policy gates, call inspection, scope enforcement, and a tamper-evident audit trail.

Security focusPrevents unsafe or over-permissioned MCP tool invocations from reaching the network boundary.

MCPPythonFastAPIOPAAudit
View Project

Agentic SOC Lab

Beta

A lab for testing AI-driven alert triage, IOC enrichment, and response workflows — synthetic telemetry, scoped tools, and a replay harness for tuning.

Security focusMeasures triage accuracy and false-positive containment risk per agent revision.

LangChainClaudeSplunkDockerEval Suite
View Project

Prompt Injection Defense Kit

Research

Detection controls for prompt injection, tool misuse, and data-exfiltration attempts — a rule + classifier hybrid with measured efficacy per layer.

Security focusLayered defenses across input, tool arguments, and outputs — never relying on a single check.

OpenAIClassifiersPythonEval Suite
View Project

SOAR Automation Blueprints

Active

Reusable playbook patterns for phishing, malware alerts, EDR isolation, SIEM enrichment, and incident escalation — opinionated, tested, and tenant-portable.

Security focusStandardizes consequential SOC steps so they are reviewable across XSOAR, Tines, Sentinel, and QRadar.

XSOARTinesSentinelQRadar
View Project

AI-Assisted IOC Enrichment Engine

Beta

An agent that calls scoped enrichment tools across VirusTotal, Shodan, AbuseIPDB and internal CTI, reconciles results, normalizes confidence, and writes a single artifact per case.

Security focusRemoves drift in enrichment quality and gives downstream playbooks a stable schema.

PythonVirusTotalShodanAbuseIPDBMCP
View Project

Guardrailed Agent Tool Execution

Research

A guardrail proxy in front of MCP and HTTP tool surfaces — per-tool policy, argument validation, redaction, and a tamper-evident audit log per session.

Security focusCuts scope-violating calls to zero in red-team eval and makes every call replayable.

MCPPolicyAuditPython
View Project
Read the patterns

Project work is paired with case studies and topic notes.

Browse the case studies for outcome-focused write-ups, or the research notes for the threat models behind the code.