Blitz SOC

Created by team Blitz on May 08, 2026
AI Agents & Agentic Workflows (Best Track for Beginners)

Blitz SOC is an explainable hybrid security operations workflow designed for the AMD Developer Hackathon under the AI Agents & Agentic Workflows track. The platform transforms synthetic security telemetry into correlated, analyst-ready incident intelligence using three execution modes: • Baseline Mode — deterministic control-path analysis using fixed logic • Local SOC Mode — resilient local orchestration with state snapshots, correlation, and approval workflows • CrewAI Mode — AI-assisted analyst reasoning powered by CrewAI and Qwen inference served through AMD ROCm and vLLM Unlike traditional SOC systems that rely entirely on static rules or opaque AI automation, Blitz SOC separates AI-assisted reasoning from deterministic governance. CrewAI coordinates analyst-style workflows such as classification, enrichment, escalation reasoning, and response preparation. Qwen provides analyst-facing contextual reasoning, incident summarization, and response generation. AMD Developer Cloud powers the accelerated inference environment through ROCm and vLLM. After AI enrichment occurs, Blitz applies deterministic governance layers including: • Correlation • Risk scoring • Escalation policy • Approval gates • Integration routing • Incident export workflows This separation keeps the workflow explainable, auditable, resilient, and operationally safer than fully autonomous approaches. The project includes: • Explainable execution traces • Real-time incident streaming • AI reasoning visibility • SOC response timelines • Human approval gates • Production integration mapping • AMD inference proof panels • Multi-mode fallback resilience Blitz SOC demonstrates how open-source AI models and agentic workflows can enhance SOC analyst efficiency while preserving deterministic governance and operational safety.

Category tags:

"This is an impressive and practical security operations platform that addresses real-world SOC (Security Operations Center) challenges. The hybrid approach - combining deterministic governance with AI-assisted reasoning - is exactly what's needed in security. Separating "AI thinking" from "deterministic enforcement" makes it explainable, auditable, and operationally safe - critical requirements for security teams. Application of Technology: 🚀🚀🚀🚀🚀 5 - Three execution modes (Baseline, Local SOC, CrewAI), CrewAI for analyst workflows, Qwen for contextual reasoning, AMD ROCm/vLLM for inference. The multi-mode fallback resilience shows sophisticated engineering. Presentation: 🚀🚀🚀🚀 4 - Clear problem statement (traditional SOC issues). Good explanation of the three modes and governance layers. Links to GitHub and HuggingFace provided. Well-structured but complex for non-technical judges. Business Value: 🚀🚀🚀🚀🚀 5 - Massive market in cybersecurity. SOC operations are expensive and understaffed. The hybrid approach makes it practical for real deployments. Human approval gates are crucial for compliance. Originality: 🚀🚀🚀🚀🚀 5 - Very original. The separation of AI reasoning from deterministic governance is innovative. Multi-mode fallback resilience is unique. First-of-its-kind for hybrid SOC platforms."

avatar

Sanem Avcil