BreachPilot MCP-Powered Incident Commander
Splunk MCP Server | Security Track | $1K Prize Target | Vercel Live Demo

Splunk Agentic Ops Hackathon

Turn Splunk alerts into analyst-ready incident briefs.

BreachPilot uses an agentic MCP workflow to collect evidence, correlate security events, score risk, and recommend response actions.

-- events correlated
-- risk signals
-- MCP tool calls

Risk score

Waiting

Start an investigation to build an evidence-backed incident brief.

-- /100

Confidence

-- evidence-backed verdict

Runtime

-- local agent latency

Correlated attack path

Incident narrative

Case waiting
Run an investigation to reveal the kill-chain path.

Agent plan

MCP workflow

human-in-the-loop

Response

Recommended actions

prioritized

Evidence

Evidence cards

grouped by signal

Timeline

Event chronology

0 events

Splunk transparency

SPL queries executed through MCP

scoped, auditable searches

Debug payload

Raw incident brief JSON

{}