SecGraph AI is a next-generation security operations platform that leverages Google's Vertex AI to provide security teams with complete visibility, faster investigations, and reduced operational costs. It features a NotebookLM-inspired interface for a seamless user experience, combining a natural language query interface with powerful graph visualizations and AI-driven analytics.
This application is built with Next.js, React, and Tailwind CSS, and uses Google Cloud services such as Vertex AI, Cloud Storage, and Identity and Access Management (IAM).
- Data Ingestion & Storage: Securely ingests security-related data from Google Cloud Storage, leveraging Customer-Managed Encryption Keys (CMEK) and uniform bucket-level access.
- AI-Powered Threat Investigation: Deploys Vertex AI agents for automated threat analysis and response, including malware analysis and deobfuscation.
- Natural Language Query Interface: Allows users to perform security queries using natural language, with AI acting as a tool to extract the most relevant information.
- Neo4j-Style Graph Visualization: Renders interactive node-and-edge graph visualizations of security relationships, with dynamic styling based on risk levels and threat indicators from Vertex AI.
- NotebookLM-Inspired Interface: Implements a three-panel layout (Sources, Chat, Studio) for managing data sources, AI analysis, and investigation outputs.
- AI Analytics & Reporting: Leverages Vertex AI to generate predictive analytics on security trends and AI-powered dashboards for system health monitoring and user behavior analysis.
- Workspace SSO: Enables Google Workspace SSO for user authentication, integrating with Google Cloud IAM for role-based access control.
- Frontend: Next.js, React, Tailwind CSS
- AI & Data: Google Vertex AI, Genkit, Google Cloud Storage
- Authentication: Google Workspace SSO, Google Cloud IAM
- UI/UX:
  - Layout: NotebookLM-inspired three-panel structure (Sources, Chat, Studio) with resizable panels.
  - Fonts: Inter for all body and headline text to ensure clarity and a modern feel.
  - Icons: Material Design icons for consistency and intuitive understanding.
  - Color Palette:
    - Primary: Deep Purple (#673AB7)
    - Accent: Electric Blue (#03A9F4)
    - Background: Light Gray (#F5F5F5)
This guide will help you get the application up and running.
- Node.js (v18 or later)
- npm or yarn
Clone the repository and install the dependencies:
git clone <repository-url>
cd <repository-name>
npm install
Create a .env file in the root of the project and add your Gemini API key:
GEMINI_API_KEY=your_google_ai_studio_api_key
To run the application in development mode, which includes the Next.js frontend and the Genkit AI flows, use the following commands.
First, start the Genkit development server in one terminal (if using Genkit locally):
npm run genkit:dev
Then, in a separate terminal, start the Next.js development server:
npm run dev
The application will be available at http://localhost:3000. The Genkit developer UI will be available at http://localhost:4000.
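A pre-flight check for the .env file created above, meant to be run before starting the servers. This is an added example, not part of the project: the function name check_env is hypothetical, and the owner-only file mode and the .gitignore entry are assumed hygiene rules rather than requirements stated by the repository.

```bash
#!/usr/bin/env bash
# Added example (not from the project): pre-flight check for the .env file.
# Usage: check_env [project_dir]; returns the number of problems found.
check_env() {
  local dir="${1:-.}" problems=0 value mode
  local env_file="$dir/.env"

  if [ ! -f "$env_file" ]; then
    echo "FAIL: $env_file does not exist"
    return 1
  fi

  # 1. Key must be set and must not be the README's placeholder value.
  value="$(sed -n 's/^GEMINI_API_KEY=//p' "$env_file" | tail -n 1)"
  value="${value%\"}"; value="${value#\"}"   # tolerate KEY="value"
  case "$value" in
    "")
      echo "FAIL: GEMINI_API_KEY is missing or empty"
      problems=$((problems + 1)) ;;
    your_google_ai_studio_api_key)
      echo "FAIL: GEMINI_API_KEY still holds the placeholder"
      problems=$((problems + 1)) ;;
  esac

  # 2. File should be accessible by its owner only (e.g. 600 or 400).
  #    GNU stat first, BSD/macOS stat as fallback.
  mode="$(stat -c '%a' "$env_file" 2>/dev/null || stat -f '%Lp' "$env_file")"
  case "$mode" in
    *00) ;;
    *) echo "FAIL: $env_file has mode $mode; run: chmod 600 $env_file"
       problems=$((problems + 1)) ;;
  esac

  # 3. .env must be ignored by git. Heuristic: an exact .gitignore entry.
  #    Inside a real clone, `git check-ignore .env` is the authoritative test.
  if ! grep -qxE '/?\.env\*?' "$dir/.gitignore" 2>/dev/null; then
    echo "FAIL: .env is not listed in $dir/.gitignore"
    problems=$((problems + 1))
  fi

  [ "$problems" -eq 0 ] && echo "OK: $env_file passes all checks"
  return "$problems"
}
```

Source the file and call `check_env .` from the project root; a non-zero return value is the count of failed checks.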
The platform uses Genkit flows defined in src/ai/flows/ to power its AI capabilities. These flows process natural language queries, analyze security data, and generate insights. The frontend, built with Next.js and React, consumes these AI services through server actions (src/app/actions.ts) to provide a seamless and interactive user experience.
- Frontend: The UI components are located in src/components/. The main application layout is in src/app/page.tsx and src/components/main-layout.tsx.
- AI Logic: The core AI agents and flows are in the src/ai/flows/ directory.
- Data: Mock data for data sources and the initial security graph can be found in src/lib/data.ts.