SOCC Documentation

SOCC documentation follows a simple split:

• README.md is the entrypoint for first contact

• docs/ is the canonical reference for setup, operations, architecture, and contribution

Use the sections below as your starting point.

SOCC is a security operations copiloto focused on threat intelligence, suspicious artifact triage, investigation support, and incident response workflows.

Installation

• Requirements
  • Runtime Requirements
  • Recommended Local Tools
  • Source Build Requirements
  • Optional Local Backends
  • Next Steps
• Quick Start
  • 1. Install Node.js
  • 2. Install SOCC
  • 3. Start SOCC
  • 4. Fastest Provider Examples
  • 5. If socc Is Not Found
  • 6. Safety Reminder
  • Next Steps
• Windows Setup
  • 1. Install Node.js
  • 2. Install SOCC
  • 3. Start SOCC
  • 4. PowerShell Provider Examples
  • 5. If socc Is Not Found
  • 6. Troubleshooting Basics
  • Next Steps
• Advanced Setup
  • Install Options
  • Provider Examples
  • Environment Variables
  • Runtime Hardening
  • Provider Launch Profiles
  • Related Docs

Configuration

• Provider Setup
  • Supported Providers
  • Recommended Setup Flow
  • Provider Notes
  • Agent Routing
  • Web Search and Fetch
  • Related Docs
• LiteLLM Proxy Setup
  • Overview
  • Prerequisites
  • 1. Install and Start LiteLLM
  • 2. Point SOCC at LiteLLM
  • 3. Using /provider
  • 4. Troubleshooting
  • Resources

Operations

• Runtime Hardening
  • Recommended Checks
  • What These Checks Cover
  • Operational Guidance
  • Analyst Safety
  • Related Docs
• Headless gRPC Server
  • Start the Server
  • Configuration
  • Run the Test CLI Client
  • Protocol Source
  • Typical Use Cases
  • Operational Notes
  • Related Docs

Architecture

• Architecture Overview
  • High-Level Layers
  • Product Shape
  • Design Priorities
  • Codebase Anchors
  • Related Docs
• Runtime Map
  • Repository Structure
  • Runtime State
  • Validation Surfaces
  • Change Strategy
  • Related Docs

Contributing

• Contributing

Quick Links

• Security Policy

• Contribution Guidelines

• Repository Root