# SentinelAI — One-line positioning

**Do not say:** “AI cybersecurity dashboard.”

**Do say:**

> SentinelAI is an **autonomous multi-agent AI Security Operations Center** that continuously monitors infrastructure, correlates attacks, performs **AI-driven investigations**, and generates **remediation workflows** using **AMD-accelerated open-source AI** infrastructure.

## 30-second version

- **Autonomous collectors** tail auth and demo logs (extend to Docker/K8s/cloud).
- **Detection** — brute-force, privilege abuse, malicious-source hits.
- **Correlation** — timelines and graphs, not isolated alerts.
- **AI analyst** — enterprise narratives, severity reasoning, action list (Ollama / vLLM / ROCm).
- **Command deck** — live feed, replay, ROCm panel, agent activity.

## Why judges care

| Angle | Hook |
|--------|------|
| **Autonomy** | Runs without chat prompts; event pipeline drives agents. |
| **Multi-agent** | Collectors, detection, correlation, analyst, remediation, alerts. |
| **Data residency** | Local open models — no mandatory third-party LLM API. |
| **AMD** | ROCm = throughput for concurrent SOC reasoning at hackathon cost. |

## Closing

“We’re not a chatbot bolted onto logs — we’re a **mini-SOC runtime** you can demo in minutes and extend to real auth.log and TI feeds.”