security research community

We turn raw signal into defense.

A student-led research collective practicing the full detection-and-response loop — from AI-assisted intrusion detection to automated playbooks and hands-on security operations.

Divisions: 3
Detection core: SIEM + IDS
Automated response: SOAR
Establishment date: 2025.12

~/jsycure/divisions

Three teams, one detection loop

Each division owns a stage of the security workflow. Together they cover the path from a packet on the wire to a closed incident.

// detection

DeepSecu

AI-assisted intrusion detection built on the ELK Stack and Suricata — turning network traffic into ranked, explainable alerts.

ELK Stack · Suricata · Machine Learning
// response

SOAR

Security orchestration and automated response. Alerts flow into TheHive and trigger Shuffle playbooks so analysts act, not toil.

TheHive · Shuffle · Automation
Page coming soon
// operations

ITSAFE

Hands-on security operations and study — the ground crew that runs labs, hardens systems, and trains the next analysts.

Hardening · Hands-on labs · Training

~/jsycure/how-we-work

From signal to closed incident

01 · collect

Capture

Suricata and the ELK Stack ingest and normalize network traffic into a queryable event stream.

02 · detect

Score

Models rank events by risk so the signal that matters surfaces above the noise.

03 · respond

Act

TheHive and Shuffle drive playbooks that contain and document incidents automatically.

// collaborate

Working on something in detection or response?

JSYCURE partners with student groups, labs, and researchers on shared tooling and field experiments.
