Inspiration

Modern cyberattacks rarely begin with dramatic breaches — they start with small entry points: a suspicious email, a deceptive login link, or a misconfigured security header.

Over 90% of cyberattacks begin with phishing, yet most available tools either provide a binary “spam/not spam” result or overwhelm users with raw technical data without explanation.

As an AI and cybersecurity enthusiast, I wanted to build something different:

A system that doesn’t just detect threats — but explains them clearly, deterministically, and transparently.

That vision became SentinelAI Security Suite — a modular AI-powered threat intelligence platform.

What it does

SentinelAI Security Suite is a multi-surface security analysis ecosystem composed of three intelligent modules:

🌐 Web Security Intelligence

- HTTP security header analysis
- Browser hardening detection
- Deterministic exploit risk modeling
- Domain comparison mode

This module evaluates a website’s defensive posture and highlights configuration weaknesses that could enable attacks such as XSS, clickjacking, or downgrade attacks.

📧 PhishGuard AI – Email Phishing Detection

- Urgency language detection
- Credential harvesting detection
- Context-aware brand impersonation analysis
- Multi-agent structured risk scoring

Instead of simply labeling an email as “dangerous,” the system explains exactly which patterns triggered the risk score.

🔗 URL Threat Detection

- Typosquatting detection (e.g., amaz0n vs amazon)
- Suspicious TLD detection (.xyz, .top, .click, etc.)
- Credential-harvesting keyword patterns
- Deterministic SAFE / SUSPICIOUS / MALICIOUS classification

This allows users to paste any suspicious URL and receive an explainable risk assessment.

How we built it

The project was built using Mocha for rapid AI-assisted feature development and iterative refinement. Both products were then deployed publicly using Replit for reliable hosting and live demonstration.

Tech Stack

- Frontend: React + TypeScript + Vite
- Styling: TailwindCSS (dark cybersecurity theme)
- Threat Engine: Deterministic rule-based scoring logic
- Deployment: Replit
- Product Dashboard: Unified suite interface

Risk Modeling Approach

Rather than relying on black-box AI scoring, SentinelAI uses deterministic threat modeling for transparency.

For example, URL classification scoring:

- Suspicious TLD → +20
- Typosquatting pattern → +20
- Credential harvesting keywords → +25
- Urgency language → +20

Risk classification thresholds:

- 0–20 → SAFE
- 21–60 → SUSPICIOUS
- 61+ → MALICIOUS

This structured scoring ensures explainability and reduces unpredictable AI behavior.
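The scoring table and thresholds above, written out as an added TypeScript example (not SentinelAI's own code). The function names, brand list, keyword lists and look-alike map are assumptions constructed for illustration; every triggered rule is returned with its evidence so the verdict can be explained.

```typescript
// Weights and thresholds come from the tables above. The word lists, brand
// list and look-alike map are constructed for this example.
type Verdict = "SAFE" | "SUSPICIOUS" | "MALICIOUS";
interface Finding { rule: string; points: number; evidence: string }
interface Assessment { score: number; verdict: Verdict; findings: Finding[] }

const SUSPICIOUS_TLDS = ["xyz", "top", "click"];
const BRANDS = ["amazon", "paypal", "microsoft"];
const CREDENTIAL_WORDS = ["login", "signin", "verify", "password", "account"];
const URGENCY_WORDS = ["urgent", "immediately", "suspended", "expire"];
const LOOKALIKES: { [ch: string]: string } = { "0": "o", "1": "l", "3": "e", "5": "s" };

// Split by hand; userinfo ("brand.com@") is dropped so only the real host is scored.
function splitUrl(url: string): { host: string; rest: string } {
  const m = /^(?:[a-z][a-z0-9+.-]*:\/\/)?(?:[^\/?#@]*@)?([^\/?#:]+)(.*)$/i.exec(url.trim());
  return m ? { host: m[1].toLowerCase(), rest: m[2].toLowerCase() } : { host: "", rest: "" };
}

// A host token that only equals a brand after digit look-alikes are undone.
function typosquatOf(host: string): string | null {
  for (const token of host.split(/[.-]/)) {
    const normalized = token.replace(/[0135]/g, (c) => LOOKALIKES[c] || c);
    if (normalized !== token && BRANDS.indexOf(normalized) !== -1) return token + " ~ " + normalized;
  }
  return null;
}

function firstHit(text: string, words: string[]): string | null {
  for (const w of words) if (text.indexOf(w) !== -1) return w;
  return null;
}

function assessUrl(url: string): Assessment {
  const { host, rest } = splitUrl(url);
  const findings: Finding[] = [];
  const add = (rule: string, points: number, evidence: string | null) => {
    if (evidence !== null) findings.push({ rule, points, evidence });
  };
  const tld = host.slice(host.lastIndexOf(".") + 1);
  add("Suspicious TLD", 20, SUSPICIOUS_TLDS.indexOf(tld) !== -1 ? "." + tld : null);
  add("Typosquatting pattern", 20, typosquatOf(host));
  add("Credential harvesting keywords", 25, firstHit(host + rest, CREDENTIAL_WORDS));
  add("Urgency language", 20, firstHit(host + rest, URGENCY_WORDS));
  let score = 0;
  for (const f of findings) score += f.points;
  // 0-20 SAFE, 21-60 SUSPICIOUS, 61+ MALICIOUS
  const verdict: Verdict = score >= 61 ? "MALICIOUS" : score >= 21 ? "SUSPICIOUS" : "SAFE";
  return { score, verdict, findings };
}
```

With these weights a single 20-point signal stays SAFE, while a credential keyword alone (25) crosses into SUSPICIOUS, and a brand name by itself adds nothing.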

Multi-Agent Threat Architecture

PhishGuard simulates a multi-agent security analysis system:

- Content Agent → Detects urgency & credential patterns
- Link Agent → Evaluates extracted URLs
- Impersonation Agent → Context-aware brand detection
- Domain Agent → Structural anomaly analysis

Each agent contributes independently to the final risk score, making the system modular and extensible.

Challenges we ran into

1️⃣ Balancing False Positives

Early versions incorrectly increased risk scores when brand names (e.g., “Amazon”) appeared without malicious context. We refined impersonation detection to activate only when combined with suspicious indicators.

2️⃣ Sensitivity Calibration

Some ambiguous login portals were initially classified as SAFE. We adjusted classification thresholds to ensure more realistic “SUSPICIOUS” labeling.

3️⃣ Modular Integration

Merging two working projects introduced architectural friction. Instead of forcing unstable code merges, we designed a unified dashboard that presents each module as part of a scalable ecosystem.

4️⃣ Explainability vs Automation

Many AI systems give conclusions without reasoning. We prioritized structured breakdowns and transparent trigger explanations to increase user trust.

Accomplishments that we're proud of

- Built a fully modular AI threat intelligence suite
- Achieved balanced false-positive control
- Designed deterministic, explainable risk scoring
- Created a professional, startup-grade UI
- Successfully deployed both applications publicly

What we learned

- Deterministic logic improves trust in AI security systems
- Modular architecture scales better than monolithic builds
- UX clarity is as important as detection accuracy
- Explainability dramatically increases perceived credibility
- Structured threat modeling beats vague AI scoring

What's next for SentinelAI Security Suite

SentinelAI is designed as a scalable ecosystem. Future roadmap includes:

- Browser extension for real-time phishing detection
- SPF / DKIM / DMARC validation
- Domain age & WHOIS integration
- Threat intelligence API
- Enterprise SOC dashboard

Final Thoughts

SentinelAI Security Suite is not just a phishing checker or header scanner.

It is a modular AI-powered threat intelligence platform designed to protect:

- Web infrastructure
- User inboxes
- Suspicious URLs

With explainability at its core.
