Profile review
Inspect source briefs, boundaries, sample expectations, parser assumptions, and validation state without hunting through scattered notes.
Source library UI
SecHub
A working surface for source-profile review, coverage, and validation evidence.
Current status
Private preview for deeper testing.
SecHub is being hardened around evidence handling, permissions, and source provenance before wider release.
SecHub is the practical interface over the source-library work: a place to inspect profiles, compare source variants, track validation status, and understand what a log source is supposed to look like before it reaches production pipelines.
Coverage planning
Show which sources have usable schema coverage, which need evidence, and where routing or normalisation choices remain unresolved.
Operational handoff
Give engineering, detection, and platform teams a shared source record before onboarding work becomes tribal knowledge.
Boundaries
What it is being designed not to do
- Not a public pastebin for sensitive samples.
- Not a magic parser generator without human review.
- Not an assurance label for sources that have not been tested.
Brief
Next development questions
- Tighten role boundaries and review workflow.
- Add stronger provenance and evidence requirements per source.
- Keep UI claims aligned to validated source coverage.