tirreno is a security framework. Event tracking, threat detection, and risk scoring for any product.
Updated Apr 7, 2026 - PHP
Cloud Security Operations Orchestrator
vPrioritizer enables us to understand the contextualized risk (vPRisk) at the asset-vulnerability relationship level across the organization, so that teams can make more informed decisions about what (vulnerability/ies) they should remediate (or can afford not to) and on which (asset/s)
Security Analytics Engine - Anomaly Detection in Web Traffic
Detection of network traffic anomalies using unsupervised machine learning
Digital Twin Driven Security Analytics for the Industrial Internet of Things.
Plug into extended SecOps: Bring Google Cloud's analytics to your local network. tshark captures on-prem, GCP transforms to UDM. Scalable, event-driven, via Terraform.
Production-ready authentication framework that saves you weeks of development. Features enterprise-grade security: 2FA/TOTP, LDAP integration, intelligent rate limiting, session fingerprinting, brute-force protection, security analytics dashboard, comprehensive audit logging, and granular role-based access control.
This repository contains an end-to-end walkthrough that leverages Google Cloud services to demonstrate Solution Accelerators for a few business domains
Power Query collection for SentinelOne - KQL queries, data transformations, and analysis templates for security operations and threat hunting
Standalone edge protection sensor and fleet management platform
An end-to-end AI system for detecting insider threats using a hybrid machine learning approach (Isolation Forest + XGBoost). Features a high-performance ETL pipeline using DuckDB, real-time inference via FastAPI, and integrated Explainable AI (SHAP) for transparent risk assessment on the CERT R4.2 dataset.
Security analytics data lake for TrustOps evidence: governance datasets, findings pipelines, compliance analytics, audit trails, and control-plane reporting.
This project demonstrates SSH authentication log analysis using Splunk SIEM to detect malicious activity such as brute-force attacks, unauthorized access attempts, and suspicious SSH behavior. It simulates real-world SOC analyst workflows, including log ingestion, SPL queries, dashboards, and alerting.
LIZARD (visuaLized Indicators for Zonal Anomaly Risk Detection) - Interactive fraud pattern visualization and ML-based anomaly detection platform.
Crash course for new tirreno developers. Open-source security framework architecture, integration guide, and risk rules for developers and product teams.
SENTINEL SOC is a professional-grade Security Operations Center (SOC) dashboard that simulates real-world threat detection, investigation, and response workflows. Built with React and Recharts, it features live alert monitoring, interactive investigation playbooks with terminal-style execution, global attack maps, real-time CVE intelligence🔒.
ML-powered cloud monitoring platform that detects infrastructure anomalies, analyzes system health metrics, and generates intelligent alerts for proactive incident response.
🛡️ CyberSentinel – Threat Intel + Log Correlation Dashboard. An analyst-grade security tool that ingests threat intelligence, parses SSH/Apache logs, correlates IOCs, and generates real-time alerts.
AI-powered cybersecurity monitoring platform that detects suspicious digital attacks, analyzes threat patterns, visualizes intrusion risks, and assists in proactive cyber defense management.