Cognitive Security
Operations Center

AI-powered SOC platform with real-time threat detection, automated response, and intelligent orchestration. Process 100,000+ events per second with four specialized AI agents working together.

View on GitHub Explore Features

100K+ Events/sec

4 AI Agents

<200ms P95 Latency

10:1 Compression

localhost:3001

Features

Everything you need for
modern security operations

From high-speed ingestion to AI-powered analysis, Kshetra provides a complete SOC platform.

Alert Triage

AI-powered alert classification with automated severity scoring and MITRE ATT&CK mapping.

Natural Language Search

Query your security data using plain English. Smart time and entity extraction built-in.

AI Briefings

Auto-generated 2-sentence summaries for every alert using Gemini AI.

High-Throughput Ingestion

gRPC + Kafka pipeline processing 100,000+ events per second with sub-200ms latency.

SIGMA Rules

Import community detection rules, YAML validation, and custom rule creation.

SOAR Automation

Visual workflow designer with Block IP, Disable User, and notification actions.

Demo

See Kshetra in action

Watch how Kshetra transforms your security operations workflow.

Product Demo Coming Soon

Real-time alert triage

AI agent orchestration

Automated remediation

Natural language queries

AI Agents

Four specialized agents
working in harmony

Sanskrit-named AI agents powered by Gemini, each designed for a specific SOC function.

सूत्रधार

Sutradhara

Orchestrator

Master of threads — intelligently routes queries to specialized agents and coordinates multi-agent workflows.

विवेक

Viveka

Triage

Discernment — classifies alerts, suggests priority levels, and provides MITRE ATT&CK mapping.

चिकित्सा

Chikitsa

Remediation

Healing — suggests fix actions with executable CLI commands, playbooks, and investigation steps.

मृगया

Mrigaya

Hunter

The Hunt — generates proactive threat hunting queries in KQL, Splunk SPL, and SIGMA formats.

API Example

POST /api/v1/agents/query
{
  "query": "How do I remediate this brute force attack?",
  "context": {
    "alert_id": "ALT-001",
    "source_ip": "185.234.72.15",
    "severity": "critical"
  }
}

Comparison

Unified SOC Platform

Kshetra combines next-gen SIEM detection with SOAR automation, replacing fragmented legacy stacks.

Feature	Kshetra (Unified)	Legacy SIEM	Standalone SOAR
Primary Function	Detection + Response	Log Analysis	Automation
Event Throughput	100K+ EPS	10K-50K EPS	N/A (Ingests Alerts)
AI Agents	Built-in (4 Agents)	None	Playbook-based
Natural Language Query	Full Support	Complex Query Lang	No
Architecture	Converged (SIEM+SOAR)	Siloed	Siloed
Storage Cost	10:1 Compression	High (Raw Logs)	N/A
Deployment	Flexible (Anywhere)	On-premise	SaaS / Cloud
Pricing	Open Source	$50K-500K/year	$20K-200K/year

Integrations

Connect to your existing stack

Seamlessly integrate with your current security tools and infrastructure.

Kafka Streaming

ClickHouse Storage

PostgreSQL Database

Redis Cache

AWS CloudTrail Cloud

Wazuh SIEM

Syslog Logging

Slack Alerts

Built with modern technology

Go Backend API & Ingestion

React Frontend Dashboard

gRPC High-speed RPC

Gemini AI LLM Intelligence

Cognitive Security Operations Center

Everything you need formodern security operations