/ series · 02 posts
Project Notes.
Build logs and deep dives on the tooling I ship — design decisions, tradeoffs, lessons.
- Part 01
How I built a CMMC-compliant SOC analyst assistant without sending data to an LLM
Most AI-in-the-SOC pitches start with an LLM and try to make it safe. I started with the compliance constraint and worked backward — here's the architecture.
- Note
Why I built a deterministic SOC assistant (instead of an LLM one)
LLM assistants are useful. They're also wrong sometimes, in ways that are hard to audit. Here's why I went the other direction.