Agentic-DART — autonomous detection & response agent. Architecture-first, not prompt-first. Starts as agentic DFIR; designed to expand toward agentic SOC and beyond.
Updated Jun 16, 2026 - Python
Agentic DFIR
SIFT-ARGUS: evidence-first DFIR cyber reasoning system for Protocol SIFT
Automate digital forensics and incident response tasks using an autonomous agent aligned with MITRE ATT&CK frameworks.
Autonomous, audit-traced incident-response agent for the SANS SIFT Workstation. The agent has no shell — evidence tampering and hallucinated findings are architecturally impossible. Every finding verifies in <10s via its call_id. SANS Find Evil! Hackathon 2026.
VERDICT: an autonomous, read-only, self-correcting incident response analyst for the SANS SIFT Workstation. Custom MCP Server (pattern 2) + Claude Code. Find Evil hackathon.