AiStrike Documentation
Breadcrumbs

Common Terms and Definitions

A quick reference for terms used throughout the AiStrike documentation.

Term

Definition

AI Security Intelligence Layer

AiStrike's role in your stack — an AI-native layer that sits on top of your existing security tools rather than replacing them.

Composite AI

AiStrike's multi-modal approach combining machine learning, knowledge graphs, and LLMs — not an LLM-only wrapper.

Composite Alert

Multiple related alerts consolidated and correlated into a single, root-cause-oriented view.

Detection Engineering Agent

Agent that auto-creates and tunes detections, identifies coverage gaps, and improves detection quality.

Investigation Agent

Agent that correlates detections with identity, asset, and behavioral context and maps activity to MITRE ATT&CK attack chains.

Response Agent

Agent that automates response for routine events while keeping analyst-in-the-loop approval for critical actions.

Threat Intelligence Agent

Agent that continuously analyzes global threat intel and generates detections for emerging and zero-day threats.

Analyst-in-the-loop

Design principle where sensitive or high-impact actions require human approval before execution.

Unified Connector Framework

AiStrike's integration layer for on-prem and cloud connectors across SIEM, cloud, IAM, and threat intel.

Tenant

An isolated customer environment within AiStrike's multi-tenant architecture.

This is a starter glossary. Add or refine terms as the docs grow.