AiSOC is built and improved by a growing community of contributors, security researchers, and operators. This page exists to thank them.
If you've contributed and your name is missing, please open a PR against this file — we'd rather over-credit than miss someone.
We deeply appreciate everyone who takes the time to report a security issue responsibly. Reporters listed here have made AiSOC measurably safer for everyone running it.
| Reporter | Contribution |
|---|---|
| @TanmayZade | Reported #220 — prompt injection in classification agents leading to alert auto-close bypass. Also authored the fix in PR #219 (prompt sanitiser + untrusted-content wrapping across the five classification agents). |
| @mangod12 | Reported #159 — proposed cross-tenant isolation tests + nightly CI for RBAC regression. Directly informed the tenant-isolation hardening work that landed in PR #221. |
| @jay-cyble (Jay Vasant) | Reported #130 — a structured review of 13 security & UI issues found via code review + live-site inspection. Multiple findings were used to drive follow-up hardening tickets. |
If you want to report a vulnerability, please use GitHub's private vulnerability reporting and read SECURITY.md first.
People outside the core maintainer team who have shipped code into AiSOC. Ordered by first merged contribution.
| Contributor | Highlights |
|---|---|
| @jay-cyble | PR #135 — UEBA service environment-variable alignment, closing #134. First community contribution to the project. |
| @prince30121 | Multiple infrastructure & CI commits (including CI restoration work). 9 commits and counting. |
| @ARDA7787 | PR #218 — Redis-backed scheduler singleton guard + dependency-CVE security-audit CI tooling (security-audit.yml, scripts/security_audit.py). |
| @TanmayZade | PR #219 — prompt sanitiser + untrusted-content wrapping across the five classification agents (fix for #220). |
The full, always-up-to-date list of code contributors lives on the GitHub contributors page.
Folks who took the time to file high-signal issues that drove visible improvements in the project:
- @cyberdometanza — Docker / packaging bug reports (e.g. #82)
- @AMoneronIQBusiness — Docker demo / quickstart feedback (#81)
- @ThiagoDataEngineer — Early platform feedback (#48)
- @alvarofraguas — Connector / setup feedback (#44)
- @sonalig-cyble — Product feedback (#131)
- @dependabot[bot] — Keeps the dependency tree healthy across every service in the monorepo.
AiSOC is currently maintained by @beenuar (project lead) with help from everyone listed above.
If you'd like to take on ongoing responsibility for an area of the codebase (a connector family, the web console, the agents pipeline, infra, docs), open an issue tagged maintainership and let's talk.
You're added automatically if:
- You authored a merged PR
- You reported a security issue that was acknowledged and triaged (via private advisory or a confirmed public issue)
- You filed a high-signal issue that drove a real change in the codebase
If something landed because of you and you're not on this list, that's a bug — please open a PR against CREDITS.md and we'll merge it.
Thank you for making AiSOC better.