# Autonomous SOC analyst
An on-call AI agent that never escalates privileges or exfiltrates data without an audit trail.
## What it does
- Receives PagerDuty / Opsgenie alerts and routes them to a triage Guardian.
- Pulls relevant logs from your SIEM via MCP tools.
- Drafts an initial incident report and proposes containment actions.
- Hands off to a human on-call engineer with a summary + suggested next steps.
## Where Trinitite plugs in
| Surface | What governs it |
|---|---|
| The triage LLM call | A custom `soc-triage` Guardian trained on your incident-response runbook + your historical PagerDuty data. |
| Each MCP tool call (Splunk, Datadog, Snowflake) | Per-tool specialist Guardians — see MCP Gateway. |
| The agent's shell access (if any) | CLI Firewall. |
| Identity | A single NHI (`nhi_soc_oncall`) with limited-blast-radius scopes — see NHI Governance. |
| Containment-action approval | Tier-attestation via `guardian_approval_hash` for any L2 → L3 escalation. |
| Forensic record | Every triage step writes to the Glass Box Ledger. |
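An added example (not Trinitite's code) of the approval gate the last two rows describe: a containment proposal is hashed, an on-call approver attests that hash with an HMAC key, and the executor refuses any L3 action whose attestation is missing, expired or bound to different parameters, writing every decision to an in-memory ledger. The demo key, the field layout and the `attest` / `execute_containment` functions are assumptions for illustration.

```python
import hashlib, hmac, json, time

# Constructed demo key; a real deployment keeps the approver key in a KMS/HSM.
APPROVER_KEY = b"demo-approver-key-not-for-production"
ESCALATION_TIER = 3  # L3 containment actions need a tier attestation before they run

def proposal_hash(proposal: dict) -> str:
    """Canonical SHA-256 of the proposal so an attestation binds to its exact parameters."""
    canon = json.dumps(proposal, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(canon).hexdigest()

def attest(proposal: dict, approver: str, ttl_s: int, now: float, key: bytes = APPROVER_KEY) -> dict:
    """Approver side: HMAC over (proposal hash, approver, expiry) becomes guardian_approval_hash."""
    p_hash, expires = proposal_hash(proposal), int(now) + ttl_s
    mac = hmac.new(key, f"{p_hash}|{approver}|{expires}".encode(), hashlib.sha256)
    return {"proposal_hash": p_hash, "approver": approver, "expires": expires,
            "guardian_approval_hash": mac.hexdigest()}

def approval_valid(proposal: dict, approval, now: float, key: bytes = APPROVER_KEY) -> bool:
    """Executor side: attestation present, unexpired, and its MAC recomputes for this proposal."""
    if approval is None or approval["expires"] < now:
        return False
    msg = f"{proposal_hash(proposal)}|{approval['approver']}|{approval['expires']}".encode()
    expected = hmac.new(key, msg, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, approval["guardian_approval_hash"])

def execute_containment(proposal: dict, approval, ledger: list, now: float,
                        key: bytes = APPROVER_KEY) -> str:
    """Gate an action on its tier; every decision (executed or blocked) lands in the ledger."""
    entry = {"ts": int(now), "nhi": proposal["nhi"], "action": proposal["action"],
             "target": proposal["target"], "tier": proposal["tier"],
             "proposal_hash": proposal_hash(proposal)}
    if proposal["tier"] >= ESCALATION_TIER and not approval_valid(proposal, approval, now, key):
        entry["decision"] = "blocked: missing, expired or mismatched L3 attestation"
        ledger.append(entry)
        return "blocked"
    entry["decision"] = "executed"
    entry["guardian_approval_hash"] = approval["guardian_approval_hash"] if approval else None
    ledger.append(entry)
    return "executed"  # the real containment call would go here

if __name__ == "__main__":
    ledger, now = [], time.time()
    # Constructed sample: the agent proposes isolating a host (tier 3) under its on-call NHI.
    proposal = {"nhi": "nhi_soc_oncall", "action": "isolate_host", "target": "web-07", "tier": 3}
    print(execute_containment(proposal, None, ledger, now))  # blocked
    approval = attest(proposal, "oncall-engineer", 600, now)
    print(execute_containment(proposal, approval, ledger, now))  # executed
    print(execute_containment(dict(proposal, target="db-01"), approval, ledger, now))  # blocked
    print(json.dumps(ledger, indent=1))
```

The third call shows why the attestation is over a canonical hash rather than an action name: the same approval does not carry over to a different target.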
## Concrete failure modes governed
- Privilege escalation in IAM tools — see T-MCP-002.
- IMDS metadata exfiltration — L6 IMDS Shield, see T-CLI-002.
- Recursive deletion in any host the agent touches — see T-CLI-001.
- Exfil to non-allowlisted domains — egress-side block at L1.
## What's next
→ NHI Governance — the per-identity layer.
→ Cookbook: Govern Claude Code — same idea, a coding agent rather than a SOC agent.