1104 commits
0cc95f2
feat: add methods to store and retrieve Tranco top domains in RedisDB
eldraco Mar 19, 2026
7b876d5
feat: add support for Tranco top benign limit and import domains into…
eldraco Mar 19, 2026
3e58bbb
feat: add mock for tranco_top_benign_limit in ModuleFactory tests
eldraco Mar 19, 2026
2c85bf6
feat: add tranco top benign limit configuration and import functional…
eldraco Mar 19, 2026
53ff206
feat: add test for updating online whitelist with top 1000 domains
eldraco Mar 19, 2026
8044a47
feat: add benign match strength threshold to regex generator configur…
eldraco Mar 19, 2026
46a0731
feat: add benign match strength threshold for regex validation
eldraco Mar 19, 2026
c12853c
feat: add benign match strength threshold configuration and scoring d…
eldraco Mar 19, 2026
a4af77d
feat: implement strong benign match scoring and threshold configuration
eldraco Mar 19, 2026
4e001ce
feat: add regex generator benign match strength threshold configuration
eldraco Mar 19, 2026
6f4d79b
feat: add benign match strength threshold configuration to regex gene…
eldraco Mar 19, 2026
403a908
feat: enhance benign match strength validation and scoring in regex g…
eldraco Mar 19, 2026
11770a4
feat: enhance regex match strength reporting and scoring details in R…
eldraco Mar 19, 2026
67ba2fd
feat: refactor match strength computation and specificity measurement…
eldraco Mar 19, 2026
a7e79a3
feat: enhance benign regex acceptance criteria with match-strength sc…
eldraco Mar 19, 2026
501c0a9
feat: add statistical analysis for regex match strength and coverage …
eldraco Mar 19, 2026
aeebee9
feat: enhance runtime behavior for benign string imports based on ale…
eldraco Mar 19, 2026
d0e3dac
feat: enhance runtime behavior for benign string imports based on hos…
eldraco Mar 19, 2026
bf50281
feat: add handling for 'tw_closed' messages to import benign strings
eldraco Mar 19, 2026
f79942e
feat: add method to retrieve alternative flows by profile ID and TWID
eldraco Mar 19, 2026
f0896c5
feat: add method to insert multiple benign strings and return count o…
eldraco Mar 19, 2026
d070f34
feat: add method to retrieve all alternative flows by profile ID and …
eldraco Mar 19, 2026
fde8cfe
feat: add 'tw_closed' channel to regex generator
eldraco Mar 19, 2026
cae4b79
feat: add tests for handling benign string imports based on host status
eldraco Mar 19, 2026
165af58
feat: remove logging for rejected malformed LLM responses
eldraco Mar 20, 2026
353236e
feat: add test to ensure malformed LLM responses are dropped without …
eldraco Mar 20, 2026
bc779a9
feat: implement regex specificity measurement and match strength comp…
eldraco Mar 20, 2026
f3bd141
feat: add EvidenceSignals configuration for evidence handling
eldraco Mar 20, 2026
5b3fb45
feat: add Evidence Signals documentation for evidence handling and co…
eldraco Mar 20, 2026
61fbf40
feat: add Evidence signals section to documentation for evidence clas…
eldraco Mar 20, 2026
9dd5327
feat: add evidence_signal property to custom properties and metadata …
eldraco Mar 20, 2026
90c5ce0
feat: add evidence_signal to evidence data structure in EvidenceHandler
eldraco Mar 20, 2026
bffa08c
feat: add default and overrides methods for evidence signals in Confi…
eldraco Mar 20, 2026
93b1609
feat: implement evidence signal classification in AlertHandler
eldraco Mar 20, 2026
8ab1e3d
feat: add default evidence signal and overrides to RedisDB configuration
eldraco Mar 20, 2026
2270b08
feat: add EvidenceSignal enum and integrate into Evidence class
eldraco Mar 20, 2026
877a090
feat: add default and override evidence signals in ModuleFactory
eldraco Mar 20, 2026
55304e0
feat: add unit tests for evidence signal default and overrides in Con…
eldraco Mar 20, 2026
3bf4616
feat: add test for evidence signal inclusion in JSON log file
eldraco Mar 20, 2026
601d6cf
feat: enhance test_set_evidence to validate evidence_signal based on …
eldraco Mar 20, 2026
aeacf8d
feat: add evidence_signal validation and conversion tests in test_evi…
eldraco Mar 20, 2026
d1f8828
feat: update README to include T Cell module details and PAMP evidenc…
eldraco Mar 20, 2026
eb89867
feat: add T Cell responder module configuration to slips.yaml
eldraco Mar 20, 2026
50d2029
feat: add T Cell module description and details to detection_modules.md
eldraco Mar 20, 2026
a25e279
feat: update evidence_signals.md to clarify T Cell module's use of ev…
eldraco Mar 20, 2026
3fc24ce
feat: add T Cell module to index.rst documentation
eldraco Mar 20, 2026
a0bb514
feat: add T Cell module documentation detailing functionality and con…
eldraco Mar 20, 2026
be4234f
feat: add license and copyright information to T Cell module __init__.py
eldraco Mar 20, 2026
d1b6c13
feat: add README for T Cell module detailing functionality and usage
eldraco Mar 20, 2026
2bcbd27
feat: implement T Cell module for immune-style response and evidence …
eldraco Mar 20, 2026
1aa78c3
feat: add T Cell configuration methods to ConfigParser for enhanced f…
eldraco Mar 20, 2026
8cce4d8
feat: add T Cell storage management methods to DBManager for improved…
eldraco Mar 20, 2026
9f433fb
feat: implement TCellSQLiteDB and TCellStorage for database managemen…
eldraco Mar 20, 2026
0f578e9
feat: add TCell object creation method to ModuleFactory for enhanced …
eldraco Mar 20, 2026
09ab01b
feat: add unit tests for TCellStorage CRUD operations and persistence…
eldraco Mar 20, 2026
1577e8e
feat: add comprehensive unit tests for TCell functionality and eviden…
eldraco Mar 20, 2026
e874365
feat: enhance TCell configuration tests with defaults and sanitizatio…
eldraco Mar 20, 2026
29f6d1b
feat: enable T Cell module and enhance logging and danger observation…
eldraco Mar 20, 2026
0b28df5
feat: update DisabledAlerts and EvidenceSignals for improved anomaly …
eldraco Mar 20, 2026
c0e1c99
feat: enhance T Cell module description with PAMP and DAMP context
eldraco Mar 20, 2026
5f8a935
feat: update evidence signal configuration to include ANOMALOUS_FLOW …
eldraco Mar 20, 2026
c9c1f1d
feat: enhance T Cell module documentation to clarify DAMP handling an…
eldraco Mar 20, 2026
28528da
feat: update evidence type in AnomalyDetectionHTTPS to ANOMALOUS_FLOW
eldraco Mar 20, 2026
95f71d0
feat: update evidence type in AnomalyDetectionHTTPS to ANOMALOUS_FLOW
eldraco Mar 20, 2026
51da3fa
feat: include ANOMALOUS_FLOW in anomaly evidence types
eldraco Mar 20, 2026
150f89c
feat: update T Cell module description to clarify DAMP integration an…
eldraco Mar 20, 2026
e1432eb
feat: enhance T Cell module documentation to clarify antigen recognit…
eldraco Mar 20, 2026
e0cb51c
feat: enhance T Cell module with improved logging and danger score ca…
eldraco Mar 20, 2026
fac5d04
feat: update T Cell configuration to enable by default and add log ve…
eldraco Mar 20, 2026
7a3864c
feat: add ANOMALOUS_FLOW to EvidenceType enum for enhanced anomaly de…
eldraco Mar 20, 2026
939c51b
feat: update evidence signal overrides to include ANOMALOUS_FLOW and …
eldraco Mar 20, 2026
55fb252
feat: add ANOMALOUS_FLOW to DisabledAlerts for enhanced detection cap…
eldraco Mar 20, 2026
88b9d0c
feat: add unit tests for AnomalyDetectionHTTPS to validate ANOMALOUS_…
eldraco Mar 20, 2026
35081a7
feat: add test for counting ANOMALOUS_FLOW evidence in RegexGenerator
eldraco Mar 20, 2026
c8a8032
feat: add tests for T Cell co-stimulation and context timeout scenarios
eldraco Mar 20, 2026
3d30d11
feat: enhance evidence signal overrides and T Cell configuration defa…
eldraco Mar 20, 2026
663ce24
feat: add analyze_incidents script for processing alerts and Zeek logs
eldraco Mar 20, 2026
99389c5
feat: add ANOMALOUS_FLOW evidence type with corresponding DAMP signal
eldraco Mar 20, 2026
e4ecdb6
feat: add SSH_SUCCESSFUL evidence type with corresponding DAMP signal
eldraco Mar 20, 2026
20568b0
feat: clarify responsible IP handling and update documentation in T C…
eldraco Mar 20, 2026
ce5864a
feat: update README to clarify responsible IP terminology and behavio…
eldraco Mar 20, 2026
0b2a2a7
feat: enhance responsible IP handling in T Cell module
eldraco Mar 20, 2026
4eee1a1
feat: add tests for responsible IP handling and memory event manageme…
eldraco Mar 20, 2026
c41dcbb
feat: add method to convert starttime to profile score in ProfileHandler
eldraco Mar 20, 2026
982b7af
feat: add test for handling alerts format timestamp in profile addition
eldraco Mar 20, 2026
e839f82
feat: update evidence signals and default classifications in document…
eldraco Mar 20, 2026
88f3e4b
feat: enhance T Cell module logging and decision tracing configuration
eldraco Mar 21, 2026
ab5aef8
feat: update evidence signal classifications and add new overrides in…
eldraco Mar 21, 2026
688d4f7
feat: add decision trace feature for T Cell module with configurable …
eldraco Mar 21, 2026
0b3f466
feat: update README to include optional decision tracing and trace fi…
eldraco Mar 21, 2026
336171d
feat: implement decision tracing for T Cell module with configurable …
eldraco Mar 21, 2026
4b25fc4
feat: add T Cell decision trace configuration options
eldraco Mar 21, 2026
1536305
feat: add T Cell decision trace configuration options in tests
eldraco Mar 21, 2026
b176afc
feat: enhance T Cell module with decision tracing and logging improve…
eldraco Mar 21, 2026
a7ad006
feat: add T Cell decision trace configuration assertions in tests
eldraco Mar 21, 2026
6b7259a
Implement feature X to enhance user experience and fix bug Y in module Z
eldraco Mar 21, 2026
383e1cc
feat: add offline HTML report generator for T Cell module analysis
eldraco Mar 21, 2026
c7293f3
feat: add instructions for offline HTML report generation in T Cell m…
eldraco Mar 21, 2026
29db2c7
feat: add unit tests for T Cell report generation and HTML rendering
eldraco Mar 21, 2026
4186fb8
feat: add Mermaid state diagram for T Cell state machine and enhance …
eldraco Mar 21, 2026
1bc51de
feat: enhance LLMBackend to support configurable HTTP connection pool…
eldraco Mar 21, 2026
57adb19
feat: add sortable transition table and state machine graph to T Cell…
eldraco Mar 21, 2026
3982384
feat: add state machine diagram for T Cell module in README
eldraco Mar 21, 2026
85cac0c
feat: add test for LLMBackend pool size scaling with worker threads
eldraco Mar 21, 2026
5d9ae81
feat: enhance report HTML output with T Cell state machine details an…
eldraco Mar 21, 2026
cd700d2
fix: clarify DAMP evidence handling in T Cell module description
eldraco Mar 23, 2026
2cab44f
feat: add link to T Cell offline report generation in README
eldraco Mar 23, 2026
7c937ae
feat: enhance T Cell module documentation with DAMP handling and wait…
eldraco Mar 23, 2026
612585c
feat: add waiting state handling and sortable cell table to T Cell re…
eldraco Mar 23, 2026
f04fb4b
feat: enhance README with detailed T Cell behavior and report insights
eldraco Mar 23, 2026
12b5175
feat: implement waiting state handling and DAMP reevaluation in T Cel…
eldraco Mar 23, 2026
189ad98
feat: add method to retrieve cells for specific profile states in TCe…
eldraco Mar 23, 2026
6c2c837
feat: add upsert functionality for activated cell state and update re…
eldraco Mar 23, 2026
648b0b4
feat: enhance DAMP evidence handling and add tests for waiting cell r…
eldraco Mar 23, 2026
e3a86e0
feat: add T Cell report overview image to documentation
eldraco Mar 23, 2026
1d27e83
feat: add example HTML report overview to regex generator documentation
eldraco Mar 23, 2026
c1a565e
feat: add coverage report overview image to regex generator documenta…
eldraco Mar 23, 2026
45038d6
feat: update state machine graph triggers and add legend to report
eldraco Mar 30, 2026
6af18c3
feat: add script to analyze alert creation delay from Slips alerts ex…
eldraco Mar 30, 2026
47b02b4
feat: add regex auditing and pruning script for benign threshold mana…
eldraco Mar 30, 2026
d6f8842
feat: enhance report HTML assertions for regex and co-stimulation states
eldraco Mar 30, 2026
ac46a57
feat: enable decision trace mode for T Cell responder module
eldraco Apr 19, 2026
cade045
Implement feature X to enhance user experience and fix bug Y in module Z
eldraco Apr 19, 2026
42eef64
feat: enhance T Cell module with observation tracking and context man…
eldraco Apr 19, 2026
34c1992
feat: add Markdown report generation for alert creation delay analysis
eldraco Apr 19, 2026
88089e9
feat: add support for excluding multiple observation IDs in recent re…
eldraco Apr 19, 2026
5e33090
feat: enhance report generation with detailed decision trace and curr…
eldraco Apr 19, 2026
2079587
feat: refactor evidence processing in T Cell tests for improved clari…
eldraco Apr 19, 2026
b639dad
feat: update README to clarify T Cell module's handling of PAMP and D…
eldraco Apr 19, 2026
344bc85
feat: clarify T Cell module's handling of PAMP and DAMP interactions
eldraco Apr 19, 2026
9d57494
feat: enhance T Cell module with detailed priming profiles for PAMP a…
eldraco Apr 19, 2026
294a279
feat: update T Cell module description to clarify handling of PAMP an…
eldraco Apr 19, 2026
15f4523
feat: enhance T Cell module to support DAMP evidence in antigen recog…
eldraco Apr 19, 2026
93de4b9
feat: add priming profiles for PAMP and DAMP signals to enhance T Cel…
eldraco Apr 19, 2026
80b12fe
feat: add priming profiles for PAMP and DAMP signals to T Cell module…
eldraco Apr 19, 2026
1d3a537
feat: add T Cell priming profiles for PAMP and DAMP signals to config…
eldraco Apr 19, 2026
9fde4f7
feat: add T Cell priming profiles for PAMP and DAMP signals to Module…
eldraco Apr 19, 2026
58e4399
feat: enhance report payload and HTML rendering with priming profile …
eldraco Apr 19, 2026
0a11729
feat: add DAMP signal handling for T Cell priming and state transitio…
eldraco Apr 19, 2026
c80f8b7
feat: add tests for managing available LLM backends in database
eldraco Mar 17, 2026
a8b89e8
feat: enable LLM service module and update backend configuration
eldraco Mar 17, 2026
9b0b55f
feat: add test for generated regexes storage and retrieval in DBManager
eldraco Mar 17, 2026
d04a1e7
feat: update regex_generator configuration for improved logging and p…
eldraco Mar 18, 2026
146e4f9
feat: enhance T Cell module logging and decision tracing configuration
eldraco Mar 21, 2026
f912b49
feat: enable decision trace mode for T Cell responder module
eldraco Apr 19, 2026
9939f99
fix: update T Cell module configuration to disable by default and cle…
eldraco Apr 28, 2026
2b5d81c
feat: add Alert Summary module documentation with detailed functional…
eldraco Apr 28, 2026
ca5c902
feat: add Alert Summary module documentation detailing functionality …
eldraco Apr 28, 2026
2293cdd
feat: add Alert Summary module to documentation and table of contents
eldraco Apr 28, 2026
28622a6
feat: add alerts-summary.log output for enhanced alert analysis
eldraco Apr 28, 2026
8513c8f
feat: enhance RedisManager input handling for non-interactive environ…
eldraco Apr 28, 2026
614bc12
feat: refactor LLM initialization to use subscribe_to_channels method
eldraco Apr 28, 2026
2df0141
feat: refactor channel subscription logic into separate method
eldraco Apr 28, 2026
4fafa39
feat: improve current state display and waiting label handling in cel…
eldraco Apr 28, 2026
b5b53b9
feat: add SPDX license headers to alert_summary module
eldraco Apr 28, 2026
6151122
feat: implement alert summary module for analyzing cybersecurity alerts
eldraco Apr 28, 2026
fe9b8e8
feat: refactor TCell initialization and enhance channel subscription …
eldraco Apr 28, 2026
1d04a08
feat: add alert summary configuration options to ConfigParser
eldraco Apr 28, 2026
c2c0f83
feat: enhance EvidenceHandler with new configuration and notification…
eldraco Apr 28, 2026
90f73aa
feat: normalize Zeek filenames in remove_subsuffix method
eldraco Apr 28, 2026
bc55e34
feat: add default rotation interval and create alert summary object i…
eldraco Apr 28, 2026
279e883
feat: add unit tests for alert summary configuration and dispatch fun…
eldraco Apr 28, 2026
6bfb2e7
feat: add tests for rotation period and default rotation interval in …
eldraco Apr 28, 2026
a0b8034
feat: refactor test_evidence_handler by reorganizing imports and addi…
eldraco Apr 28, 2026
a4b9a94
feat: add log verbosity configuration and update documentation for al…
eldraco Apr 29, 2026
61e9399
feat: add operational logs for alert queueing in alert_summary module…
eldraco Apr 29, 2026
fd4a191
feat: enhance logger initialization in RedisManager for better loggin…
eldraco Apr 29, 2026
19b4d06
feat: implement operation logging and verbosity configuration in aler…
eldraco Apr 29, 2026
e1d8499
feat: enhance LLM module with graceful shutdown and request activity …
eldraco Apr 29, 2026
e352047
feat: add alert summary module configuration with logging and LLM set…
eldraco Apr 29, 2026
f870288
feat: add alert summary log verbosity configuration method
eldraco Apr 29, 2026
1d8383c
feat: add mock for alert summary log verbosity configuration in Modul…
eldraco Apr 29, 2026
5d16d8e
feat: enhance alert summary logging with verbosity configuration and …
eldraco Apr 29, 2026
b904cae
feat: add tests for shutdown behavior and backend registry clearing
eldraco Apr 29, 2026
b54945b
feat: add README for Alert Summary module with detailed functionality…
eldraco Apr 29, 2026
2f34e10
feat: add hierarchical alert summaries feature to README
eldraco Apr 29, 2026
f80a290
feat: update timeout settings and enhance alert summary logging in sl…
eldraco Apr 29, 2026
08cf206
feat: enhance documentation for Alert Summary module with detailed fu…
eldraco Apr 29, 2026
7c38a03
feat: enhance alert summary logging details in usage documentation
eldraco Apr 29, 2026
09cd43d
feat: Enhance alert summary processing with multi-step reduction and …
eldraco Apr 29, 2026
64a4c72
feat: Update README with detailed functionality and prompt design for…
eldraco Apr 29, 2026
08571e7
feat: Implement operation logging for LLM module and enhance error ha…
eldraco Apr 29, 2026
c71c45b
feat: Enhance alert summary tests with additional scenarios and asser…
eldraco Apr 29, 2026
27ec2a7
feat: Add timeout handling for Ollama backend requests and log module…
eldraco Apr 29, 2026
ea334f7
feat: Add slips-goldilock backend configuration for LLM module and up…
eldraco Apr 29, 2026
2c2e77b
feat: Enhance shutdown logic to log pending LLM requests and ensure a…
eldraco Apr 29, 2026
1ad8b4b
feat: Enhance LLM request handling with pending request count managem…
eldraco Apr 29, 2026
1fd432a
feat: Add methods for managing pending LLM request counts in DBManager
eldraco Apr 29, 2026
c063244
feat: Add constant for tracking pending LLM requests by requester
eldraco Apr 29, 2026
bff85d4
feat: Add methods for managing pending LLM request counts in RedisDB
eldraco Apr 29, 2026
7ccb2a3
feat: Mock LLM request count methods in ModuleFactory tests
eldraco Apr 29, 2026
a94f75c
feat: Add test for pending shared LLM request count handling in alert…
eldraco Apr 29, 2026
89c3f66
feat: Add assertions for resetting and decrementing pending LLM reque…
eldraco Apr 29, 2026
3a0ea8a
feat: Enable the shared regex generator module in configuration
eldraco Apr 30, 2026
032edd6
feat: Refactor async task handling in FlowAlerts to improve task trac…
eldraco Apr 30, 2026
7c94b06
feat: Ensure graceful shutdown by canceling and closing pending MAC q…
eldraco Apr 30, 2026
29cde41
feat: Implement graceful shutdown for evidence handler worker to prev…
eldraco Apr 30, 2026
024fbf7
feat: Implement timeout for evidence worker processes to ensure timel…
eldraco Apr 30, 2026
534a478
feat: Enhance stop_evidence_workers to manage process termination and…
eldraco Apr 30, 2026
63974fa
feat: Update slips.yaml to enhance LLM backend configurations and dis…
eldraco Apr 30, 2026
e6fbd02
feat: Add alert history configuration to enhance analyst summary context
eldraco May 4, 2026
bce9275
feat: Update process termination order to include alert post-processi…
eldraco May 4, 2026
3fd6de1
feat: Enhance alert summary with historical context and memory for im…
eldraco May 4, 2026
9a7ccc6
feat: Add recent alert history management to enhance analyst summary …
eldraco May 4, 2026
78b0bb9
feat: Implement waiting mechanism for upstream modules during shutdown
eldraco May 4, 2026
aeef9a6
feat: Add alert summary history configuration methods for enhanced an…
eldraco May 4, 2026
10c7ed1
feat: Add mock configurations for alert summary history in ModuleFact…
eldraco May 4, 2026
3a889c1
feat: Update test cases for process manager to include additional exp…
eldraco May 4, 2026
e4584da
feat: Enhance alert summary configuration and recent history analysis…
eldraco May 4, 2026
84352e0
feat: Add test for upstream modules handling late requests during shu…
eldraco May 4, 2026
3df70a4
feat: Enhance alert summary method by incorporating recent alert hist…
eldraco May 5, 2026
43a4f6f
fix: Correct formatting and clarify prompt style reference in alert s…
eldraco May 20, 2026
2f6dac7
refactor: Update comments for regex and T Cell persistent store direc…
eldraco May 20, 2026
d98c390
fix: Update persistent_store_dir path and clarify configuration detai…
eldraco May 20, 2026
b4034f9
fix: Update log file paths in T Cell module documentation for clarity
eldraco May 20, 2026
c09b86f
fix: Clarify persistent storage paths in usage documentation for Slips
eldraco May 20, 2026
3e2c071
fix: Update database path handling in FidesModule to ensure directory…
eldraco May 20, 2026
a280352
fix: Update persistent_store_dir path for regex SQLite files and clar…
eldraco May 20, 2026
c187842
feat: Add blog post on pseudo-generated regexes for adaptive receptor…
eldraco May 20, 2026
e809597
fix: Enhance metadata handling and path resolution in T Cell module
eldraco May 20, 2026
ce41008
feat: Add comprehensive blog post detailing the T Cell module's adapt…
eldraco May 20, 2026
0a91fa4
fix: Update artifact paths in T Cell module documentation for consist…
eldraco May 20, 2026
a06b514
fix: Set default value for regex_generator persistent_store_dir in Co…
eldraco May 20, 2026
ad9cb20
fix: Enhance store directory resolution in RegexGeneratorStorage for …
eldraco May 20, 2026
52fe3b6
fix: Enhance store directory resolution in TCellStorage for persisten…
eldraco May 20, 2026
87f4978
fix: Update default persistent store directory in regex generator tes…
eldraco May 20, 2026
8c35a75
test: Add test for report builder to resolve persistent DBs and modul…
eldraco May 20, 2026
11e7a7b
test: Add test for resolving relative persistent store directory in T…
eldraco May 20, 2026
011fbc5
fix: Update .gitignore to ignore all files in the permanent directory
eldraco Jun 2, 2026
3deb50d
fix: Update T Cell store directory to include data subdirectory
eldraco Jun 2, 2026
f996d42
fix: Update log and trace file paths to use lowercase directory names
eldraco Jun 2, 2026
3848f98
fix: Update log and trace file paths to use lowercase directory names
eldraco Jun 2, 2026
9a1c336
fix: Update artifact paths in README to use lowercase directory names
eldraco Jun 2, 2026
b85d5ed
fix: Set output directory for TCell module
eldraco Jun 2, 2026
f8b753f
fix: Update module directory paths to use consistent lowercase naming
eldraco Jun 2, 2026
0d257af
test: Add test for lowercase underscore output directory in TCell module
eldraco Jun 2, 2026
6234210
fix: Clarify threat level distinctions in alert summary prompts
eldraco Jun 3, 2026
ace6b76
fix: Update prompt version and clarify threat level distinctions in a…
eldraco Jun 3, 2026
75042a0
fix: Add explicit weighting guidance for evidence threat levels in pr…
eldraco Jun 3, 2026
35d31ea
fix: Enhance alert summary prompts with threat level guidance and con…
eldraco Jun 3, 2026
a50a49d
fix: Clarify prompt structure for alert summaries by separating curre…
eldraco Jun 3, 2026
3ba439b
fix: Update prompt version to v4 and clarify current alert evidence u…
eldraco Jun 3, 2026
213b49d
fix: Clarify prompt structure by separating current alert evidence fr…
eldraco Jun 3, 2026
9d4bac9
fix: Update alert summary prompts to version v4 and enhance clarity o…
eldraco Jun 3, 2026
4d439b4
feat: update regex_generator configuration for improved logging and p…
eldraco Mar 18, 2026
6ec1c31
feat: add tests for managing available LLM backends in database
eldraco Mar 17, 2026
5b8f42f
feat: add test for generated regexes storage and retrieval in DBManager
eldraco Mar 17, 2026
b1db3e1
feat: Add recent alert history management to enhance analyst summary …
eldraco May 4, 2026
340d733
Merge branch 'immune-signature-generation' of github.com:stratosphere…
eldraco Jun 8, 2026
ef37a59
Merge remote-tracking branch 'origin/develop' into immune-signature-g…
AlyaGomaa Jun 23, 2026
6 changes: 4 additions & 2 deletions .gitignore
Expand Up @@ -178,7 +178,9 @@ dataset-private/*
appendonly.aof
/p2p_db.sqlite
old-pipeline/


databases/regex_store/
utils/immune_web_sim/runs/
config/redis.conf
.vscode/launch.json
# permanen p2p dbs and encryption keys
permanent/
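Review bot: the comment above the `permanent/` rule has a typo, `permanen` should read `permanent`; fixing it in this PR avoids a cosmetic follow-up commit. A behavioural point on the same pair of lines: ignoring the directory itself (`permanent/`) rather than its contents (`permanent/*`) means Git does not descend into it at all, so a later negation such as `!permanent/.gitkeep` cannot re-include a placeholder file. If the p2p dbs and encryption keys are meant to live in a directory that exists on a fresh checkout, `permanent/*` plus a negated placeholder is the pattern that supports that. Either way the keys stay untracked, which is the outcome that matters here.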
10 changes: 10 additions & 0 deletions README.md
Expand Up @@ -175,6 +175,7 @@ Slips aborts updating to new versions when there are changes to Slips local conf
* You can also specify whether to ```train``` or ```test``` the ML models

* You can enable [popup notifications](https://stratospherelinuxips.readthedocs.io/en/develop/usage.html#popup-notifications) of evidence, enable [blocking](https://stratospherelinuxips.readthedocs.io/en/develop/usage.html#slips-permissions), [plug in your own zeek script](https://stratospherelinuxips.readthedocs.io/en/develop/usage.html#plug-in-a-zeek-script) and more.
* The `t_cell` section is enabled by default so Slips can consume centrally tagged `PAMP` and `DAMP` evidence, match extracted antigens against accepted regexes, and then carry a signal-specific priming profile into later co-stimulation and context decisions. `DAMP` can now create a weaker state-1 cell with stricter later thresholds and a shorter waiting window, while all responder state stays in its own SQLite DB.


[More details about the config file options here]( https://stratospherelinuxips.readthedocs.io/en/develop/usage.html#modifying-the-configuration-file)
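Review bot: the new bullet states that the `t_cell` section "is enabled by default", but commit 9939f99 in this PR is titled "fix: update T Cell module configuration to disable by default", so one of the two is stale; please confirm the shipped default in `slips.yaml` and make the README match. Two wording points on the same line: "`DAMP` can now create a weaker state-1 cell" describes a change relative to an earlier revision that a README reader has no baseline for, so drop "now"; and PAMP, DAMP, antigen, co-stimulation and state-1 cell are introduced here without a pointer, so link the bullet to docs/t_cell_module.md the way the Documentation section in this PR does.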
Expand All @@ -192,6 +193,10 @@ Slips key features are:
* **HTTPS Anomaly Detection**: Adaptive TLS/HTTPS anomaly detection with drift handling and a local HTML report generator for deep dives.
* **Integration with External Platforms**: Modules in Slips can look up IP addresses on external platforms such as VirusTotal and RiskIQ.
* **Graphical User Interface**: Slips provides a web interface and an optional Kalipso terminal interface through the `modules/kalipso` submodule.
* **Shared LLM Access**: Slips can expose configured LLM backends such as Ollama, OpenAI, and Anthropic to other modules through Redis channels.
* **Hierarchical Alert Summaries**: Slips can turn correlated alert evidence into analyst-facing one-paragraph incident summaries, recursively reducing oversized evidence sets instead of truncating them.
* **Pseudo-Random Regex Generation**: Slips can generate and validate pseudo-random regexes for DNS domains, URIs, filenames, TLS SNI, and certificate CN fields for later Zeek-side use.
* **Immune-Style T Cell Response**: Slips can consume centrally tagged `PAMP` and `DAMP` evidence, correlate extracted antigens with accepted regexes, and use signal-specific T-cell priming plus mixed `PAMP`/`DAMP` danger pressure to decide whether to stay tolerant, activate, contain, or store long-term memory.
* **Peer-to-Peer (P2P) Module**: Slips includes a complex automatic system to find other peers in the network and share IoC data automatically in a balanced, trusted manner. The P2P module can be enabled as needed.
* **Docker Implementation**: Running Slips through Docker on Linux systems is simplified, allowing real-time traffic analysis.
* **Detailed Documentation**: Slips provides detailed documentation guiding users through usage instructions for efficient utilization of its features.
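Review bot: the "Shared LLM Access" and "Hierarchical Alert Summaries" bullets together imply that alert evidence is handed to the configured backend, and two of the named backends (OpenAI, Anthropic) are remote services, yet neither bullet says what data leaves the host or that a local backend such as Ollama keeps it on-box; a short clause on that, or a link to the relevant configuration docs, belongs in a feature list operators read to decide what to enable. Style points in the same hunk: "T Cell" and "T-cell" both appear inside the "Immune-Style T Cell Response" bullet, pick one form; and "Pseudo-Random Regex Generation" here versus "pseudo-generated regexes" in commit c187842 suggests the feature name has not settled, so check that the docs use the same label as the README.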
Expand Down Expand Up @@ -222,6 +227,11 @@ We appreciate your contributions and thank you for helping to improve Slips!
# Documentation
[User documentation](https://stratospherelinuxips.readthedocs.io/en/develop/)

T Cell design and configuration: [docs/t_cell_module.md](docs/t_cell_module.md)

T Cell offline report generation and interpretation:
[docs/t_cell_module.md#offline-html-report](docs/t_cell_module.md#offline-html-report)

[Code docs](https://stratospherelinuxips.readthedocs.io/en/develop/code_documentation.html )

---
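Review bot: the two added T Cell links are repo-relative (docs/t_cell_module.md) while the neighbouring "User documentation" and "Code docs" entries are absolute readthedocs URLs, so the section now mixes two link targets and the relative ones only resolve when the README is viewed inside the repository; since commit 3fc24ce adds the T Cell module to index.rst, the rendered page on stratospherelinuxips.readthedocs.io should exist and linking it would match the surrounding entries. Also confirm that the `#offline-html-report` fragment matches the heading slug actually generated for that section, since a stale anchor fails silently.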