About S6 Security Labs

Security advice for the point where real people, real systems, and real harm meet.

S6 Security Labs builds guidance, research, and tooling around a simple bias: security has to work in the real world. Not just in a strategy deck, not just in a lab, and not only for people who already know the answer.

Current focus

  • Agentic AI for security operations and offensive/defensive workflows
  • SOC, SIEM, detection, Splunk, and practical automation
  • Home-user cyber security guidance for people who do not want a second unpaid job
  • Cybercrime harm reduction, incident process, and better recovery paths

Experience behind the work

Built from practical exposure, not brochure security.

S6 draws on experience across IT support, policing, cybercrime response, SOC operations, Splunk, platform escalation, and AI/security engineering. The point is not a personal biography. The point is that the guidance is shaped by places where security either works for people or fails them.

  • IT and desk-side support, where security advice has to survive contact with normal people doing real work.
  • Policing and detective work, including cybercrime-related matters and the victim harm that does not fit neatly into a ticket queue.
  • Large-scale cybercrime exposure across common Australian incident patterns: account takeover, compromised email, weak recovery paths, telco friction, rushed payments, platform abuse, and family/business disruption.
  • Operational work across banks, telcos, law enforcement, and major technology platforms where escalation, evidence, and process often matter as much as the technical detail.

What S6 works on

Security tooling with less theatre and more use.

Agentic security systems

S6 researches and builds AI-assisted security workflows where agents can gather evidence, draft findings, support operators, and reduce busywork without pretending the human disappears from accountability.

SOC and detection engineering

The work is grounded in SIEMs, alerts, logs, Splunk, threat intelligence, triage, and the everyday grind of making security teams faster without drowning them in theatre.

Home and human security

A lot of serious incidents start in ordinary places: a home router nobody updates, a reused password, a fake support flow, a dodgy app, or a family workaround that looked harmless at the time.

Practical automation

Automation should reduce busywork and improve judgement. If it hides risk, floods people with output, or quietly acts without a responsible human, it is not clever. It is a liability with a progress bar.

The uncomfortable bit

Recovery is often slower than the harm.

Good people inside banks, telcos, law enforcement, and platforms often try hard. Some teams are excellent. Some are under-resourced. Sometimes a useful fraud or safety contact disappears after a restructure because fraud response is a cost centre while abusive platform activity still makes money.

That is not a reason to give up. It is a reason to reduce the chance your family or business becomes dependent on a slow recovery process in the first place.

How we write and build

  • Evidence over vendor gloss.
  • Usable controls beat perfect controls nobody follows.
  • Explain the trade-off, then give people a path they can actually use.
  • Do not pretend recovery is easy just because the brochure has a reporting form.
  • AI can help. It can also create very fast nonsense. Keep the human accountable.

Start with the home security guide.

It is the clearest example of the S6 approach: practical, evidence-linked, blunt where needed, and built for people who have actual lives.

Read the guide