2025 - Present

Project AEGIS

Modular SIEM weapon system with offline and cloud-native deployment

# The Problem

Traditional SIEM solutions are either cloud-only (unsuitable for air-gapped environments) or on-premise monoliths (hard to scale). Security operations need a flexible system that works in both connected and disconnected environments while maintaining the forensic integrity of all collected data, and that is still regularly updated and maintained.

# Key Constraints

1. Some deployments operate fully offline in air-gapped networks
2. Forensically sound storage with chain-of-custody
3. Support for both in-band and out-of-band data collection
4. Modular architecture for selective capability deployment
5. Real-time correlation with sub-second latency
6. Access to fresh information daily

# The Solution

Designed a modular SIEM architecture with pluggable collectors, a high-performance correlation engine, and cryptographically verified storage. The system uses a mesh architecture for distributed deployment, with automatic failover and data synchronization when connectivity is restored. Each module is independently deployable and can operate standalone.
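The "cryptographically verified storage" and chain-of-custody constraint above, as an added example that is not the project's own code (the project is written in Rust; this illustration uses Python's standard library): a hash-chained, append-only event log in which each record commits to its predecessor, so a silent edit or a deleted record is caught at the first broken link. The sample events and the convention of anchoring the head hash out-of-band are assumptions of this example.

```python
import copy
import hashlib
import json
from typing import Optional

GENESIS = "0" * 64  # prev-hash committed to by the first record
SAMPLE_EVENTS = [  # constructed sample events for this example, not real telemetry
    {"node": "04", "level": "INFO", "msg": "NODE 04 ONLINE"},
    {"node": "04", "level": "ALERT", "msg": "PORT 8080 TRAFFIC SPIKE"},
    {"node": "02", "level": "SYSTEM", "msg": "UPDATING RULES"},
]

def record_hash(prev_hash: str, seq: int, event: dict) -> str:
    # Canonical JSON so an event always hashes the same; prev_hash is fixed-length hex
    # and seq an integer, so the '|' framing cannot be ambiguous.
    payload = json.dumps(event, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(f"{prev_hash}|{seq}|{payload}".encode()).hexdigest()

def append_event(records: list, event: dict) -> str:
    """Append one record that commits to its predecessor; returns the new head hash."""
    prev = records[-1]["hash"] if records else GENESIS
    h = record_hash(prev, len(records), event)
    records.append({"seq": len(records), "prev": prev, "event": event, "hash": h})
    return h  # anchor the head out-of-band (signed, or mirrored to another node)

def verify_chain(records: list, head: Optional[str] = None) -> Optional[int]:
    """Index of the first failing record, len(records) if the tail does not reach the anchored head, None if intact."""
    prev = GENESIS
    for i, rec in enumerate(records):
        if (rec["seq"], rec["prev"], rec["hash"]) != (i, prev, record_hash(prev, i, rec["event"])):
            return i
        prev = rec["hash"]
    if head is not None and prev != head:
        return len(records)
    return None

def demo() -> tuple:
    records: list = []
    head = ""
    for ev in SAMPLE_EVENTS:
        head = append_event(records, ev)
    tampered = copy.deepcopy(records)
    tampered[1]["event"]["msg"] = "NODE 04 OFFLINE"  # silent edit of a stored event
    deleted = copy.deepcopy(records)
    del deleted[1]                                    # record removed from the middle
    truncated = records[:-1]                          # newest record dropped
    return (verify_chain(records, head),   # None: intact
            verify_chain(tampered),        # 1: hash no longer matches the event
            verify_chain(deleted),         # 1: seq/prev mismatch where the gap is
            verify_chain(truncated),       # None: the chain alone cannot see truncation
            verify_chain(truncated, head)) # 2: the anchored head exposes it
```

The last two results are the practical caveat: a hash chain proves nothing about records dropped from the tail unless the current head is regularly anchored somewhere the storage node cannot rewrite.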

# Impact

- POC phase, no production deployment yet
- Processing 100k events per hour
- Zero data integrity incidents since testing

# Metadata

Role: Founder & Lead Developer
Tags: SIEM, Security, R&D


# Technology Stack

Rust, Elasticsearch, Kafka, Kubernetes, gRPC, MISP, Local VLLMs