SIFT.Glass
AI-powered incident response that finds evil in real time.
Watch an autonomous agent investigate, correlate, and reconstruct attack kill chains — live.
Built for Finding Evil
An autonomous investigation engine powered by OpenClaw MCP tools, real-time Supabase streaming, and interactive attack graph visualization.
Attack Graph
Interactive React Flow visualization maps attack chains across IPs, hashes, files, domains, and processes in real time.
AI Agent
Autonomous OpenClaw-powered agent investigates alerts, queries VirusTotal, AbuseIPDB, and correlates across data sources.
Real-Time
Live Supabase Realtime subscriptions push investigation updates instantly — no polling, no refresh needed.
Kill Chains
Agent reconstructs complete attack narratives — from initial access through lateral movement to data exfiltration.
4 Pre-Built Threat Scenarios
Supply-Chain Attack
Malicious npm package drops reverse shell, exfiltrates data to C2 server via TLS.
Ransomware Outbreak
LockBit variant encrypts hospital network, spreads via SMB exploitation.
Credential Stuffing
Botnet uses leaked credentials to breach corporate SSO and pivot internally.
Insider Threat
Privileged engineer exfiltrates source code via encrypted USB and Tor network.
Production-Grade Architecture
Ready to Find Evil?
Launch the SOC dashboard and watch the AI agent investigate threats in real time.
LAUNCH DASHBOARDFIND EVIL! 2026
The first hackathon for autonomous incident response. $22,000 in prizes.