CeruleanSOC: AI Triage Copilot for SecOps Shared Inboxes

Security and IT teams often rely on shared inboxes to receive phishing reports, suspicious login concerns, MFA issues, access requests, vendor notices, and other user-reported security messages. These emails arrive in unstructured language and often require manual review, SOP lookup, severity judgment, response drafting, and documentation, which can slow response times and lead to inconsistent triage. CeruleanSOC addresses this by using an AI-powered workflow that monitors a security mailbox, analyzes incoming messages, retrieves the most relevant guidance from uploaded SOP documents stored in a vector knowledge base, logs triage decisions in a database, and generates a professional response. The system is designed around controlled automation: clear, routine cases can be handled quickly, while uncertain or sensitive cases are routed for human review before action is taken. By combining secure cloud deployment, Outlook integration, SOP-grounded decision-making, and human-in-the-loop safeguards, CeruleanSOC demonstrates a practical way to reduce manual inbox triage while improving speed, consistency, and operational confidence for security teams.