Portfolio Summary – Project Sentinel

AI-Augmented Modern SOC-in-a-Box on AWS

Project Sentinel is a fully cloud-native, AI-enhanced security operations platform that integrates attacker deception, real-time detection engineering, automated vulnerability workflows, and threat intelligence generation. It demonstrates how a modern SOC functions across both proactive security hygiene and real-world attack response — all optimized for cost, automation, and clarity.

Objective

Design and deploy an end-to-end SOC system that:

• Captures real attackers using a honeypot
• Parses, enriches, and analyzes security events in AWS
• Generates actionable threat intelligence
• Automates vulnerability management and IOC workflows via orchestration
• Uses AI to summarize attacks and extract IOCs
• Minimizes SIEM storage costs through filtering and tiering

The project intentionally mirrors the operational structure of a modern, lean Security Operations Center.

Two Pillars of Project Sentinel

Project Sentinel is divided into two complementary SOC layers:

Security Hygiene & Automation Layer (Proactive SOC)

Powered by Apache Airflow

This layer performs scheduled, proactive security automation, similar to daily operational tasks in enterprise SOCs.