Security2024
Sentinel SOC
Cybersecurity monitoring dashboard correlating signals across endpoints, cloud and network.
Overview
A SOC analyst workspace that correlates endpoint, cloud, and network telemetry into a single triage queue.
Challenge
Analysts were drowning in alerts from 9 disparate tools — mean time to detect (MTTD) was over 8 hours.
Solution
We built a streaming correlation engine on Elastic, with a React workbench for investigation and playbook automation.
Outcomes
MTTD reduced from 8h to 22 minutes
70% of alerts auto-triaged
Compliant with SOC 2 and ISO 27001