SENTINEL ZERO

Autonomous AI Incident Responder & Forensic Agent
AI SECURITY CO-PILOT

Autonomous Threat Hunting at Machine Speed

Sentinel Zero triages Splunk alerts, extracts evidence timelines, self-corrects hallucinations, and drafts incident containment plans — all in seconds.

Sub-second triage
Self-correcting AI
SANS SIFT Forensics
MCP Protocol

Live Splunk Security Alerts

Select an alert payload from the indexed SIEM events to run triage.

Sentinel Agent Mindstream

Logs will print here once analysis starts.

Forensic Evidence Targets

SIFT targets loaded into memory. Exposes safe read-only MCP commands.

SEC-PROD-SRV01_disk.raw
Size: 45 GB | Format: Raw dd | OS: Windows Server 2022
SEC-PROD-SRV01_memory.dmp
Size: 16 GB | Format: Volatility Dump | Processes Map

Forensic Visualization

SIFT Agent Mindstream

Audit processes will stream here live.

Self-Correction Inspector

Confidence: --%
Detected Hallucinations / Logic Flaws:
No inconsistencies flagged.
Corrected Findings Applied:
Verified findings are clean.

Incident Response Runbook

Runbook will generate when triage is complete.

UNIFIED ARCHITECTURE SUBMISSION

Dual Hackathon Project

A single, comprehensively engineered project serving as a submission for both the Splunk App Development Hackathon and the Finding Evil: Cybersecurity Hackathon.

Gemini 2.5 Flash
Model Context Protocol
SANS SIFT Forensics
Splunk SIEM Integration
FastAPI + Python
FastMCP Server
Vanilla JS / HTML5
Vercel + HF Spaces

Autonomous multi-iteration AI agent loop with self-correction
Real-time SSE streaming of agent reasoning to UI
Hallucination detection engine with confidence scoring
MCP-powered safe read-only forensic toolchain
AI-generated IR Runbook with MITRE ATT&CK mapping
Multi-key API fallback with exponential backoff

DEVELOPER
Kushal Soni
kushal-soni-official

A Step Forward in Autonomous Security

Sentinel Zero demonstrates a practical, production-ready approach to autonomous incident triage. By combining verifiable reasoning with robust safeguards against AI hallucinations, it aims to augment security teams and accelerate response times securely.

Thank you to the judges and organizers for the opportunity.