AVAnvesh Vishwarajuinanveshtheaisocanalyst.hashnode.dev·Jun 3 · 10 min readWhy Single-Layer LLM Triage Is Dangerous in a SOC — And the Architecture I'm Building to Prevent ItPublished on Hashnode | Anvesh Raju Vishwaraju | June 2026 I came across an article recently that genuinely surprised me. Not because the topic was new to me — but because someone at the same educatio21A
AVAnvesh Vishwarajuinanveshtheaisocanalyst.hashnode.dev·May 22 · 4 min readWhy LLMs Hallucinate on MITRE ATT&CK — And How RAG Fixes It The Problem Ask any frontier LLM "what sub-techniques fall under T1078 — Valid Accounts?" and you'll get a confident, detailed answer. You'll also get things that are wrong. Not because the model is u10
AVAnvesh Vishwarajuinanveshtheaisocanalyst.hashnode.dev·May 22 · 4 min readBridging the Detection-Exploitation Gap with AI: Building PentestXBackground In most security operations centres, offensive and defensive knowledge exist in separate silos. Penetration testers understand exploitation chains intimately. SOC analysts understand alert 00