The project was initiated by defining the core problem: security analysts often spend excessive time manually reading logs to understand incidents. To address this, ForenStory is being designed as an explainable AI-powered cyber incident investigator that converts raw security logs into structured attack timelines and human-readable explanations.
In this phase, the system architecture was planned with a clear separation between log parsing, detection logic, explainability, and AI-assisted analysis. The initial backend structure was set up using Python and FastAPI, and the first detection objective—brute-force login attempts—was defined with rule-based logic to ensure accuracy and transparency.
The focus of this stage was not AI automation, but building a reliable investigation foundation that can later be enhanced with AI for narrative generation, confidence scoring, and analyst-level explanations.
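The separation described above (log parsing, rule-based detection, explanation), applied to the brute-force login objective, as an added example that is not ForenStory's own code. The sshd-style log format, the threshold of 5 failures in 60 seconds, the function names, the default year, and the sample lines are all assumptions made for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta
# Constructed sshd-style sample (not real data); IPs are from documentation ranges.
SAMPLE_LOG = """\
Jan 10 03:12:01 web1 sshd[811]: Failed password for root from 203.0.113.5 port 40122 ssh2
Jan 10 03:12:09 web1 sshd[811]: Failed password for invalid user admin from 203.0.113.5 port 40124 ssh2
Jan 10 03:12:15 web1 sshd[812]: Failed password for alice from 198.51.100.7 port 51200 ssh2
Jan 10 03:12:18 web1 sshd[811]: Failed password for root from 203.0.113.5 port 40126 ssh2
Jan 10 03:12:26 web1 sshd[811]: Failed password for root from 203.0.113.5 port 40128 ssh2
Jan 10 03:12:33 web1 sshd[811]: Failed password for root from 203.0.113.5 port 40130 ssh2
Jan 10 03:12:40 web1 CRON[900]: pam_unix(cron:session): session opened for user root
Jan 10 03:13:02 web1 sshd[815]: Accepted password for root from 203.0.113.5 port 40140 ssh2
"""
LINE_RE = re.compile(r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) \S+ sshd\[\d+\]: (?P<res>Failed|Accepted) "
                     r"password for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+")

def parse(text, year=2024):  # syslog lines carry no year; 2024 is an assumed default
    """Parsing layer: raw lines -> event dicts; non-matching lines are skipped."""
    out = []
    for m in filter(None, map(LINE_RE.match, text.splitlines())):
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        out.append({"ts": ts, "ip": m["ip"], "user": m["user"], "ok": m["res"] == "Accepted"})
    return out

def detect_bruteforce(events, threshold=5, window=timedelta(seconds=60)):
    """Detection layer: flag an IP with >= threshold failed logins inside the window."""
    rule = f">= {threshold} failures in {int(window.total_seconds())} s"
    recent, findings = defaultdict(deque), {}
    for e in sorted(events, key=lambda e: e["ts"]):
        q = recent[e["ip"]]
        while q and e["ts"] - q[0] > window:
            q.popleft()  # drop failures that fell out of the sliding window
        if not e["ok"]:
            q.append(e["ts"])
            if len(q) >= threshold and e["ip"] not in findings:
                findings[e["ip"]] = {"ip": e["ip"], "first": q[0], "last": e["ts"],
                                     "failures": len(q), "rule": rule, "success_user": None}
        elif e["ip"] in findings:
            findings[e["ip"]]["success_user"] = e["user"]  # login succeeded after the burst
    return list(findings.values())

def explain(f):  # Explainability layer: say which rule fired and on what evidence
    text = (f"{f['ip']}: {f['failures']} failed logins between {f['first']:%H:%M:%S} and "
            f"{f['last']:%H:%M:%S} (rule: {f['rule']}).")
    if f["success_user"]:
        text += f" A later successful login as '{f['success_user']}' suggests possible compromise."
    return text

print(*map(explain, detect_bruteforce(parse(SAMPLE_LOG))), sep="\n")
```

Because each finding carries the rule text and the first and last timestamps that triggered it, an analyst can trace every alert back to specific log lines.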