A quick reference for terms used throughout the AiStrike documentation.
|
Term |
Definition |
|---|---|
|
AI Security Intelligence Layer |
AiStrike's role in your stack — an AI-native layer that sits on top of your existing security tools rather than replacing them. |
|
Composite AI |
AiStrike's multi-modal approach combining machine learning, knowledge graphs, and LLMs — not an LLM-only wrapper. |
|
Composite Alert |
Multiple related alerts consolidated and correlated into a single, root-cause-oriented view. |
|
Detection Engineering Agent |
Agent that auto-creates and tunes detections, identifies coverage gaps, and improves detection quality. |
|
Investigation Agent |
Agent that correlates detections with identity, asset, and behavioral context and maps activity to MITRE ATT&CK attack chains. |
|
Response Agent |
Agent that automates response for routine events while keeping analyst-in-the-loop approval for critical actions. |
|
Threat Intelligence Agent |
Agent that continuously analyzes global threat intel and generates detections for emerging and zero-day threats. |
|
Analyst-in-the-loop |
Design principle where sensitive or high-impact actions require human approval before execution. |
|
Unified Connector Framework |
AiStrike's integration layer for on-prem and cloud connectors across SIEM, cloud, IAM, and threat intel. |
|
Tenant |
An isolated customer environment within AiStrike's multi-tenant architecture. |
This is a starter glossary. Add or refine terms as the docs grow.