SentraOps (In-progess...)

SentraOps is a full-stack, production-grade security operations platform built entirely from scratch. Here's what's actually under the hood:

Backend — FastAPI (Python)

10 API routers handling distinct domains: incident management, authentication, user management, geolocation intelligence, MITRE ATT&CK integration, playbook automation, analytics, dashboard aggregation, report generation, and real-time WebSocket communication. Each router is dynamically registered through a custom RouterRegistry class that handles health checks, request tracking, error rates, and lifecycle management. Global exception handlers ensure consistent error responses across the entire API surface.

AI & Intelligence Layer

Dedicated AI analysis and AI services modules powering automated threat analysis. A dynamic playbook generator that builds incident response workflows on the fly. MITRE ATT&CK integration service that maps incidents to real-world adversary tactics and techniques from the ATT&CK knowledge base. Standards integration service mapping incidents to compliance frameworks like NIST, ISO 27001, and CIS Controls.

Data Layer

PostgreSQL as the primary database with SQLAlchemy ORM. Models covering incidents, users, playbooks, compliance frameworks, standards mappings, and a full MITRE knowledge base. Redis for caching and WebSocket pub/sub message brokering.

Real-Time Infrastructure

WebSocket service with background processors, heartbeat monitoring, priority messaging across 4 levels, multi-room support, client subscriptions, and Redis-backed scaling. Incidents trigger live events to all connected clients on create and update.

Frontend — React + TypeScript

Pages for dashboard, incident management, incident submission, AI analysis engine, geolocation testing, globe visualization, report generation, and login. Component library spanning dashboard widgets, globe visualization, geolocation display, incident views, playbook UI, and a full layout system. Custom hooks handling all data fetching, real-time state, filtering, pagination, sorting, and WebSocket connectivity.

DevOps

Four-container Docker Compose setup — FastAPI backend, Vite/React frontend, PostgreSQL, and Redis — with health checks, dependency ordering, volume persistence, and environment-based configuration.