Analysi
Security automation platform that processes alerts through AI-powered investigation workflows. Ingests alerts from SIEMs, enriches them via threat intelligence, runs automated investigation playbooks, and produces analyst-ready dispositions.
Where to start
- New here? Read the Concept page — one paragraph and a diagram explain what Analysi does and why.
- Want the full story? Walk the Alert lifecycle, then the Component architecture.
- Looking up a term? Terminology reference.
- Looking for a connector? Integrations catalog — 101 built-in integrations across 27 archetypes.
- Want to run it? Build and deploy instructions live in the project README on GitHub.
What Analysi solves
Tier-1 SOC analysts spend most of their time investigating the same kinds of alerts over and over. Analysi watches what's investigated for each detection rule, synthesizes a reusable agentic workflow on first encounter, and replays it cheaply on every subsequent alert from the same rule. See the AI SOC problem for the longer write-up.