OpenDefenders — Agentic SOC Platform

Agentic SOC Dashboard

Autonomous. Adaptive. Always Defending.

LIVE · 0 alerts

Last 24 hours

SOC Analyst

Threat Intelligence & Hunt

Run pre-built hunting queries against your live alert store · 5 alerts indexed

Repeat Attacker

IPs with 2+ alerts

Click to hunt →

Unresolved CRITICAL

CRITICAL not remediated

Click to hunt →

Credential Attacks

T1110 brute force

Click to hunt →

Ransomware Hunt

T1486/T1490 activity

Click to hunt →

Lateral Movement

T1021 lateral movement

Click to hunt →

C2 & Exfiltration

Command and Control

Click to hunt →

High Confidence Open

Confidence >85%

Click to hunt →

Recent CRITICAL (1h)

CRITICAL last hour

Click to hunt →

Threat Intelligence

IOC feed · MITRE ATT&CK coverage · Extracted from your live alerts

Active IOCs

Indicator	Type	Severity	Source	Added
10.0.1.45	IP	Critical	SOC Agent	11m ago
10.0.2.112	IP	Medium	SOC Agent	45m ago
185.234.56.78	IP	High	SOC Agent	1h ago
10.0.0.15	IP	Critical	SOC Agent	2h ago
malware-c2.evil.ru	Domain	High	OTX Feed	27m ago
d41d8cd98f00b204	MD5 Hash	High	VirusTotal	1h ago
CVE-2024-3094	CVE	Critical	NVD	1h ago

MITRE ATT&CK Coverage

Initial Access2/9

T1566.001

Execution2/12

T1059.001

Credential Access2/16

T1110.001

Lateral Movement2/9

T1021.001

Command & Control2/18

T1071.001

Privilege Escalation2/13

T1068

Assets

Assets detected from alert data · Connect Wazuh to auto-populate inventory

Asset Name	Type	IP Address	Open Alerts	Last Alert	Status
prod-dc-01	Server	10.0.1.45	1	11m ago	Alert
mail-gw-01	Server	Internal	1	23m ago	Alert
prod-web-01	Server	10.0.2.112	1	45m ago	Alert
ws-dev-03	Server	185.234.56.78	1	1h ago	Alert
prod-app-02	Server	10.0.0.15	1	2h ago	Alert
ws-dev-03	Workstation	10.0.3.44	0	Never	Healthy
db-primary-01	Database	10.0.1.10	0	Never	Healthy
mail-gateway	Gateway	10.0.0.2	0	Never	Healthy

Total Incidents

↓-24% vs yesterday

Critical Incidents

↓-16% vs yesterday

Alerts Processed

1248

↑+18% vs yesterday

MTTR (Agentic)

18m 42s

↓-32% vs yesterday

Auto-Resolved

↑+40% vs yesterday

Threat Detections

356

↑+22% vs yesterday

Incident Severity DistributionLast 24 hours

Critical5(22%)

High8(35%)

Medium6(26%)

Low3(13%)

Info1(4%)

Incidents Over TimeLast 24 hours

Critical

High

Medium

Low

Top Threats DetectedLast 24 hours

Phishing

9828%

Credential Access

7621%

Command & Control

6418%

Privilege Escalation

4513%

Lateral Movement

3710%

Data Exfiltration

3610%

Agentic Workforce

Active Agents

Triage Agent3Active

Investigation Agent3Active

Containment Agent2Active

Threat Intel Agent2Active

Response Agent2Active

Total Agents: 12All operational ●

Recent IncidentsView all incidents →

ID	Title	Severity	Status	Detected	Asset
INC-0056	Suspicious PowerShell Execution	Critical	Auto-Remediated	11m ago	prod-dc-01
INC-0055	Phishing Email Detected	High	Pending	23m ago	mail-gw-01
INC-0054	Multiple Failed Logins	Medium	Open	45m ago	prod-web-01
INC-0053	Outbound C2 Traffic	High	Pending	1h ago	ws-dev-03
INC-0052	Privilege Escalation Attempt	Critical	Approved	2h ago	prod-app-02

Agent Actions (Last 24h)

284

Total Actions

Investigate102(35.9%)

Enrich68(23.9%)

Contain54(19.0%)

Remediate38(13.4%)

Notify22(7.7%)

View all actions →

Playbook Executions

Total Executions ↑ 28% vs yesterday

Top Playbooks

Phishing Triage12

Malware Containment9

C2 Traffic Response6

Privilege Escalation5

View all playbooks →

Threat Intelligence Feed

New IOCs from MISP feed

23 IOCs added

11m ago

Malicious IP 185.220.101.12

Added to blocklist

27m ago

New CVE-2024-3094

Linux Kernel Privilege Escalation

1h ago

View threat intel →

Environment Health

OpenDefenders Platform

Healthy

Wazuh SIEM

Not Configured

Cloudflare WAF

Not Configured

Redis Cache

Healthy

Slack Notifications

Not Configured

Configure integrations →