Inspiration

Security compliance is broken. CISOs drown in 500-page PDF reports they don't read, while DevOps engineers ignore security findings that lack technical context. Furthermore, "paper compliance" (passing an audit) rarely means you are essentially safe from hackers. We realized that true security requires two things often missing in automated tools: Deep Reasoning to simulate complex attack paths (Red Teaming) and Contextual Empathy to explain risks in the user's specific language (Blue Team). We built SentinelAI to bridge this gap, acting as an automated Chief Security Architect that lives in your browser.

What it does

SentinelAI is a dual-engine security platform for cloud and hybrid architectures:

  1. Blue Team Auditor (Defense): Users input architectural designs (text, Terraform, diagrams) and select compliance targets (SOC2, NIST AI RMF, ISO 42001). SentinelAI uses Gemini 3 Pro to perform a gap analysis. Uniquely, it adapts its entire reporting style based on the User Persona—generating high-level risk summaries for a "CISO" or copy-paste Terraform remediation blocks for a "DevOps Engineer."
  2. Red Team Strike Simulator (Offense): This is our "killer feature." We use Gemini’s thinkingConfig to unleash a "Cyberpunk Red Team" agent. It doesn't just list vulnerabilities; it "thinks" through a multi-stage Kill Chain, visualizing the attack path with Mermaid.js diagrams and generating non-executable Proof-of-Concept (PoC) exploit scripts (Python/Go) to demonstrate exactly how a breach would occur.
  3. The War Room: A dedicated, immersive UI mode that switches the interface to a high-contrast, terminal-style command center for real-time threat analysis and strike simulation.

How we built it

  • Deep Reasoning with Gemini 3.0: We utilized the @google/genai SDK to tap into gemini-3-pro-preview. Crucially, we implemented Thinking Budgets (up to 16k tokens) for the "Strike Simulator." This allows the model to "pause and plan" complex attack vectors before generating the output, resulting in startlingly realistic kill chains rather than generic hallucinations.
  • Multimodal Analysis: The system accepts text descriptions and file attachments (Configs, TF files), processing them into a unified context window for analysis.
  • Dynamic Chat Copilot: For remediation, we integrated gemini-3-flash-preview to act as a responsive side-kick, retaining citation context and helping users fix issues interactively.
  • Frontend: Built with React 19, Vite, and TailwindCSS. The UI features real-time Markdown rendering with remark-gfm and dynamic diagram generation using mermaid.

Challenges we ran into

  • Handling Private Compliance Data: While the model is excellent at auditing against public standards (SOC2, NIST, ISO), many organizations have strict internal security policies that are not public knowledge. To solve this, we architected an "Attachment Context" system. This allows users to upload private PDF/text policy documents securely. The system then dynamically injects these private rules into the audit context, allowing SentinelAI to validate architecture against both global standards and bespoke internal mandates simultaneously without retraining the model.
  • Hallucination vs. Simulation: Early versions of the Red Team agent would invent non-existent AWS services. We solved this by using strict system prompting and high "Thinking model" budgets to ground the AI in technical reality.
  • Context Management: Handling large architectural documents alongside multiple compliance standards (like NIST + ISO simultaneously) risked overflowing the context window. We optimized this by structuring the inputs and using Gemini 3.0's massive context window capabilities effectively.

Accomplishments that we're proud of

  • Persona-Adaptive Engine: Seeing the same vulnerability reported as a "Financial Risk" to a CISO and a "Missing Security Group Rule" to a Developer was a massive win for usability.
  • The "Strike" Visualization: Automatically generating valid Mermaid.js graphs that map out an attack path from "Reconnaissance" to "Data Exfiltration" feels like magic.
  • War Room Mode: It just looks incredibly cool. We added CRT flicker effects and terminal styling to make security work feel engaging.
  • Accessibility-First Design: UI color palettes and contrast ratios are designed with color-blind accessibility (WCAG-aligned) considerations to ensure critical security insights are distinguishable for all users
  • Multi-Tab Interface: Switch between Security Reports and Attack Simulations
  • Floating Dock Navigation: Quick access to all analysis tools
  • Report Versioning: Track all analysis changes with timestamps
  • Export Capabilities: Download reports as PDF/JSON
  • Print-Friendly Layouts: Professional compliance documentation
  • Voice Uplink Support: Microphone integration for hands-free interaction

What we learned

We learned that Reasoning Models (systems that "think" before they speak) are a paradigm shift for cybersecurity. Traditional LLMs are good at summarizing; Reasoning models are good at hunting. SentinelAI proves that AI agents and Gemini 3 models can go beyond passive advice and start actively pressure-testing our defenses.

What's next for SentinelAI

  • Live Infrastructure Integration: Connecting directly to Google/AWS/Azure APIs to scan live environments.
  • Auto-Remediation: Allow the agent to open Pull Requests with the fix code it generated.
  • Multi-Agent Red Teaming: Having multiple Gemini agents adopt different hacker personas (Social Engineer vs. Network Intruder) to attack the system cooperatively.

Built With

Share this project:

Updates