
AiSOC

Open-source AI-powered Security Operations Center with real-time detection, autonomous triage, and MITRE ATT&CK-aware investigation.

Introduction

AiSOC is an open-source, MIT-licensed AI Security Operations Center (SOC) that provides real-time threat detection, autonomous triage, and MITRE ATT&CK-aware investigation. It is designed to be self-hosted, extensible, and free forever. The platform features streaming correlation via Kafka, agent-assisted triage with a copilot that records prompts and rationale, MITRE ATT&CK mapping for coverage heatmaps, attack graph visualization, detection-as-code with Sigma/KQL/EQL/YAML, and pluggable connectors for cloud trails, EDR, identity, network, and SaaS sources. The architecture is modular with separate services for ingest, detection, analysis, and response, all containerized. Use cases include security operations, threat hunting, incident response, and compliance monitoring.
