inboxplus-collab/SecOps

SecOps - Security Operations AI Copilot

πŸ›‘οΈ SecOps

AI-Powered Security & Maintenance Copilot with Advanced RAG

Overview

SecOps is a professional-grade AI-powered Security Operations Copilot that combines advanced RAG (Retrieval-Augmented Generation) with security-focused extensions. It provides intelligent answers to security questions with citations, trust scores, and source validation.

Key Features

  • 🤖 Advanced RAG System: CRAG-style self-correcting synthesis with citations
  • 🔍 Multi-Source Search: Vector store, web search, and CVE database integration
  • ✅ Trust Scoring: Every answer includes trust scores and source validation
  • 📚 Citation Management: Automatic citation extraction with URL health checks
  • 🔧 Extensions Ready: Modular system for security operations
  • 🔐 Auth & Storage: Full user management with Supabase
  • 🎨 Modern UI: Beautiful, responsive interface with Tailwind + shadcn/ui

Architecture

Tech Stack

Backend:

  • FastAPI (Python 3.11+)
  • Async architecture with dependency injection
  • Supabase (PostgreSQL + Auth + Storage)
  • Qdrant or pgvector for vector storage
  • OpenAI, Anthropic, Gemini support

Frontend:

  • Next.js 14
  • React with TypeScript
  • Tailwind CSS + shadcn/ui
  • Responsive chat interface

Project Structure

secops/
├── backend/                    # FastAPI Backend
│   ├── src/
│   │   ├── api/               # API routes
│   │   ├── rag_engine/        # Advanced RAG system
│   │   ├── extensions/        # Security extensions
│   │   ├── services/          # LLM, vector, Supabase
│   │   └── utils/             # Config, logging, caching
│   ├── main.py
│   ├── requirements.txt
│   ├── Dockerfile
│   └── schema.sql
│
├── app/                       # Next.js Frontend
│   ├── app/
│   │   ├── page.js           # Homepage
│   │   ├── login/            # Login page
│   │   └── dashboard/        # Dashboard
│   ├── components/
│   │   ├── Navbar.js
│   │   ├── Sidebar.js
│   │   ├── ChatUI.js
│   │   └── CitationPanel.js
│   └── package.json
│
└── README.md

Quick Start

Prerequisites

  • Node.js 18+
  • Python 3.11+
  • Supabase account (for production)
  • (Optional) Qdrant for vector storage

Frontend Setup

cd app
yarn install
yarn dev

Access the frontend at http://localhost:3000

Backend Setup

cd backend
pip install -r requirements.txt
cp .env.example .env
# Edit .env with your configuration
uvicorn main:app --reload --port 8000

Access the API at http://localhost:8000 and the API docs at http://localhost:8000/docs

Configuration

Backend Environment Variables

Create backend/.env from backend/.env.example:

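# Comments sit on their own lines: docker run --env-file keeps a trailing "# ..." as part of the value

# LLM Providers
OPENAI_API_KEY=your-key
ANTHROPIC_API_KEY=your-key
GEMINI_API_KEY=your-key
# Change to openai, anthropic, or gemini
DEFAULT_LLM_PROVIDER=mock

# Supabase
SUPABASE_URL=your-supabase-url
SUPABASE_KEY=your-supabase-anon-key
# Service-role key bypasses Row Level Security: backend only, never in NEXT_PUBLIC_* variables
SUPABASE_SERVICE_KEY=your-service-key

# Vector Store
# Change to qdrant or supabase_pgvector
VECTOR_STORE_TYPE=mock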

Frontend Environment Variables

Create app/.env.local:

NEXT_PUBLIC_API_URL=http://localhost:8000

Features

1. AI-Powered Security Assistant

  • Ask security and DevOps questions in natural language
  • Get detailed answers with citations and trust scores
  • Automatic source validation and URL health checks

2. Advanced RAG Pipeline

Search Phase:

  • Multi-source search orchestration
  • Vector similarity search
  • Web and CVE database integration

Synthesis Phase:

  • CRAG-style self-correcting synthesis
  • Citation-aware answer generation
  • Trust score calculation

Citation Phase:

  • Automatic citation extraction
  • Source validation
  • URL health checking

Validation Phase:

  • Self-correction mechanisms
  • Answer quality validation

3. Security Extensions

  • Log Analysis: Intelligent log parsing and issue detection
  • System Health: Automated health monitoring
  • CVE Summary: Vulnerability analysis and summaries
  • Security Recommendations: AI-powered security advice
  • Cluster Config Review: Configuration validation

4. User Management

  • Supabase authentication
  • User profiles and settings
  • Query history tracking
  • Document upload and management

API Usage

Query RAG System

curl -X POST http://localhost:8000/api/rag/query \
  -H "Content-Type: application/json" \
  -d '{
    "question": "What is CVE-2024-1234?",
    "user_id": "user-123"
  }'

Analyze Logs

curl -X POST http://localhost:8000/api/extensions/analyze-logs \
  -H "Content-Type: application/json" \
  -d '{
    "extension_type": "log_analysis",
    "parameters": {
      "log_data": "Error: Connection timeout..."
    }
  }'

Deployment

Docker

# Build and run backend
cd backend
docker build -t secops-backend .
docker run -p 8000:8000 --env-file .env secops-backend

# Build and run frontend
cd app
docker build -t secops-frontend .
docker run -p 3000:3000 secops-frontend

Railway

  1. Push code to GitHub
  2. Connect repository to Railway
  3. Deploy backend and frontend as separate services
  4. Set environment variables in Railway dashboard

Fly.io

# Backend
cd backend
fly launch
fly deploy

# Frontend
cd app
fly launch
fly deploy

Render

  1. Create two Web Services (backend and frontend)
  2. Connect repository
  3. Configure build and start commands
  4. Set environment variables

Database Setup

Supabase Setup

  1. Create a new project at https://supabase.com
  2. Navigate to SQL Editor
  3. Run the SQL from backend/schema.sql
  4. Enable pgvector extension:
    CREATE EXTENSION IF NOT EXISTS vector;
  5. Copy your project URL and keys to .env

Qdrant Setup (Optional)

For dedicated vector storage:

# Using Docker
docker run -p 6333:6333 qdrant/qdrant

# Or use Qdrant Cloud at https://cloud.qdrant.io

Development Status

✅ Completed

  • Full architectural skeleton
  • All class definitions and interfaces
  • API route structure
  • Frontend UI components
  • Mock implementations for testing
  • Configuration system
  • Type definitions
  • Database schema

🚧 To Be Implemented

  • Real RAG engine logic (stubs ready)
  • LLM integrations (interfaces ready)
  • Search implementations (mock available)
  • Citation processing logic (stubs ready)
  • Extension implementations (stubs ready)
  • Authentication logic (routes ready)

Next Steps

  1. Implement RAG Engine: Add advanced logic to RAG engine files
  2. Connect LLM Providers: Implement real LLM client logic
  3. Add Search Integration: Implement web search and CVE database
  4. Complete Citations: Add citation extraction and validation
  5. Build Extensions: Implement security extension logic
  6. Add Auth: Complete Supabase authentication

Contributing

The system is designed for easy extension:

  1. Add LLM Provider: Implement LLMClientProtocol interface
  2. Add Extension: Extend ExtensionsOrchestrator
  3. Add Search Source: Extend SearchOrchestrator
  4. Add Vector Store: Implement VectorStoreProtocol

All interfaces and protocols are defined and ready for implementation.

Export & Self-Hosting

The entire codebase is designed to be:

  • ✅ Self-contained
  • ✅ Docker-ready
  • ✅ Environment-configurable
  • ✅ Cloud-agnostic
  • ✅ Fully exportable

Simply clone the repository and follow the setup instructions above.

License

MIT License - Feel free to use for personal and commercial projects.

Support

For issues, questions, or contributions:

  • Open an issue on GitHub
  • Review the API documentation at /docs
  • Check the backend README at backend/README.md

Built with ❤️ for the security community
