Skip to content

Commit fe0d345

Browse files
wrhalpinwrhalpin
authored
Merge pull request #172 from wrhalpin/claude/live-presentation-deck-tYlEP
Refine presentation: remove costs, reorder slides, clean up roadmap
2 parents b5a6437 + f48bd7d commit fe0d345

1 file changed

Lines changed: 44 additions & 56 deletions

File tree

docs/deck/index.html

Lines changed: 44 additions & 56 deletions
Original file line numberDiff line numberDiff line change
@@ -56,7 +56,20 @@ <h2>The Solution</h2>
5656
</ul>
5757
</section>
5858

59-
<!-- SLIDE 4: Architecture -->
59+
<!-- SLIDE 4: The Abstraction Advantage -->
60+
<section data-background="#1a1a1a">
61+
<h2>The Abstraction Advantage</h2>
62+
<ul style="font-size: 0.8em;">
63+
<li><strong>Portability:</strong> Switch platforms, pipeline stays the same</li>
64+
<li><strong>Maintenance:</strong> API changes affect one connector, not every script</li>
65+
<li><strong>Consistency:</strong> One interface works across 159 platforms</li>
66+
<li><strong>Coherence:</strong> One scheduler, one log stream, one health endpoint</li>
67+
<li><strong>Incremental:</strong> Each layer independently useful</li>
68+
<li><strong>Testing:</strong> 5,100+ unit tests, 70% coverage minimum</li>
69+
</ul>
70+
</section>
71+
72+
<!-- SLIDE 5: Architecture -->
6073
<section data-background="#1a1a1a">
6174
<h2>Core Architecture</h2>
6275
<p style="font-size: 0.8em;">
@@ -72,7 +85,7 @@ <h2>Core Architecture</h2>
7285
</p>
7386
</section>
7487

75-
<!-- SLIDE 5: 159 Connectors -->
88+
<!-- SLIDE 6: 159 Connectors -->
7689
<section data-background="#1a1a1a">
7790
<h2>159 Platform Connectors</h2>
7891
<p style="font-size: 0.75em;">
@@ -84,7 +97,7 @@ <h2>159 Platform Connectors</h2>
8497
</p>
8598
</section>
8699

87-
<!-- SLIDE 6: STIX 2.1 ORM -->
100+
<!-- SLIDE 7: STIX 2.1 ORM -->
88101
<section data-background="#1a1a1a">
89102
<h2>STIX 2.1 ORM</h2>
90103
<p>Universal data contract across all connectors:</p>
@@ -98,7 +111,7 @@ <h2>STIX 2.1 ORM</h2>
98111
</ul>
99112
</section>
100113

101-
<!-- SLIDE 7: Pipelines -->
114+
<!-- SLIDE 8: Pipelines -->
102115
<section data-background="#1a1a1a">
103116
<h2>Ingest & Export Pipelines</h2>
104117
<p><strong>Ingest:</strong> 14 readers (CSV, JSON, STIX, TAXII, Splunk, Elastic...) × 12 mappers</p>
@@ -108,7 +121,7 @@ <h2>Ingest & Export Pipelines</h2>
108121
</p>
109122
</section>
110123

111-
<!-- SLIDE 8: Scheduling -->
124+
<!-- SLIDE 9: Scheduling -->
112125
<section data-background="#1a1a1a">
113126
<h2>Scheduling</h2>
114127
<p>FeedScheduler: One scheduler for all job types</p>
@@ -121,7 +134,7 @@ <h2>Scheduling</h2>
121134
<p style="font-size: 0.75em; color: #9e9e9e;">Drift-corrected timing • Overlap protection • On-success/failure hooks</p>
122135
</section>
123136

124-
<!-- SLIDE 9: AI Agents -->
137+
<!-- SLIDE 10: AI Agents -->
125138
<section data-background="#1a1a1a">
126139
<h2>AI Agents</h2>
127140
<p>Multi-LLM threat research with human-in-the-loop</p>
@@ -133,7 +146,7 @@ <h2>AI Agents</h2>
133146
</ul>
134147
</section>
135148

136-
<!-- SLIDE 10: Natural Language Queries -->
149+
<!-- SLIDE 11: Natural Language Queries -->
137150
<section data-background="#1a1a1a">
138151
<h2>Natural Language Queries</h2>
139152
<p style="font-size: 0.9em;">Two backends, same QuerySpec output</p>
@@ -146,7 +159,7 @@ <h2>Natural Language Queries</h2>
146159
</p>
147160
</section>
148161

149-
<!-- SLIDE 11: Research Library -->
162+
<!-- SLIDE 12: Research Library -->
150163
<section data-background="#1a1a1a">
151164
<h2>Research Library</h2>
152165
<p>Three-tier analyst knowledge base</p>
@@ -157,7 +170,7 @@ <h2>Research Library</h2>
157170
</ul>
158171
</section>
159172

160-
<!-- SLIDE 12: Automated Reports -->
173+
<!-- SLIDE 13: Automated Reports -->
161174
<section data-background="#1a1a1a">
162175
<h2>Automated Report Generation</h2>
163176
<ul style="font-size: 0.85em;">
@@ -168,7 +181,7 @@ <h2>Automated Report Generation</h2>
168181
<p style="font-size: 0.75em; color: #9e9e9e;">Pipeline: DataAggregator → ReportSynthesizer → Renderers → Email/SharePoint</p>
169182
</section>
170183

171-
<!-- SLIDE 13: Sector Targeting -->
184+
<!-- SLIDE 14: Sector Targeting -->
172185
<section data-background="#1a1a1a">
173186
<h2>Sector Targeting Intelligence</h2>
174187
<p><code>x_target_sectors</code> - Normalized across all 159 connectors</p>
@@ -180,7 +193,7 @@ <h2>Sector Targeting Intelligence</h2>
180193
<p style="font-size: 0.75em; color: #9e9e9e;">Sector aliases expand: 'healthcare' matches 'Health', 'Medical', 'H-ISAC'</p>
181194
</section>
182195

183-
<!-- SLIDE 14: Solr Search -->
196+
<!-- SLIDE 15: Solr Search -->
184197
<section data-background="#1a1a1a">
185198
<h2>Search Sidecar</h2>
186199
<p>Full-text search across all 159 connectors simultaneously</p>
@@ -192,7 +205,7 @@ <h2>Search Sidecar</h2>
192205
</ul>
193206
</section>
194207

195-
<!-- SLIDE 15: TAXII 2.1 Server -->
208+
<!-- SLIDE 16: TAXII 2.1 Server -->
196209
<section data-background="#1a1a1a">
197210
<h2>TAXII 2.1 Server & STIX Validator</h2>
198211
<ul style="font-size: 0.75em;">
@@ -205,7 +218,7 @@ <h2>TAXII 2.1 Server & STIX Validator</h2>
205218
</p>
206219
</section>
207220

208-
<!-- SLIDE 16: Health & Capability Reflection -->
221+
<!-- SLIDE 17: Health & Capability Reflection -->
209222
<section data-background="#1a1a1a">
210223
<h2>Health Monitoring & Capability Reflection</h2>
211224
<ul style="font-size: 0.8em;">
@@ -216,7 +229,7 @@ <h2>Health Monitoring & Capability Reflection</h2>
216229
</ul>
217230
</section>
218231

219-
<!-- SLIDE 17: TUI & Web Dashboard -->
232+
<!-- SLIDE 18: TUI & Web Dashboard -->
220233
<section data-background="#1a1a1a">
221234
<h2>Terminal UI & Web Dashboard</h2>
222235
<p><strong>Terminal UI (Textual)</strong> - Works over SSH</p>
@@ -225,7 +238,7 @@ <h2>Terminal UI & Web Dashboard</h2>
225238
<p style="font-size: 0.8em;">/api/library • /api/reports • /api/scheduler • /health</p>
226239
</section>
227240

228-
<!-- SLIDE 18: XSOAR Codegen -->
241+
<!-- SLIDE 19: XSOAR Codegen -->
229242
<section data-background="#1a1a1a">
230243
<h2>XSOAR Content Pack Generator</h2>
231244
<p>Auto-generate XSOAR 6 content packs from connector introspection</p>
@@ -237,7 +250,7 @@ <h2>XSOAR Content Pack Generator</h2>
237250
<p style="font-size: 0.75em; color: #9e9e9e;">Upstream contribution pipeline with 7-step compliance gate</p>
238251
</section>
239252

240-
<!-- SLIDE 19: Docker -->
253+
<!-- SLIDE 20: Docker -->
241254
<section data-background="#1a1a1a">
242255
<h2>Docker Containerization</h2>
243256
<p>Production stack: docker-compose.yml</p>
@@ -250,7 +263,7 @@ <h2>Docker Containerization</h2>
250263
</ul>
251264
</section>
252265

253-
<!-- SLIDE 20: Multi-Tenant -->
266+
<!-- SLIDE 21: Multi-Tenant -->
254267
<section data-background="#1a1a1a">
255268
<h2>Multi-Tenant Workspace Isolation</h2>
256269
<p>Transparent namespace prefixing, no schema migration</p>
@@ -261,10 +274,10 @@ <h2>Multi-Tenant Workspace Isolation</h2>
261274
<p style="font-size: 0.75em; color: #9e9e9e;">Works with SQLite and FlatFile stores. CLI: gnat tenant list/create/delete</p>
262275
</section>
263276

264-
<!-- SLIDE 21: Deployment -->
277+
<!-- SLIDE 22: Deployment -->
265278
<section data-background="#1a1a1a">
266279
<h2>Deployment: Single Azure VM</h2>
267-
<p><strong>Azure B2s (~$50/month)</strong></p>
280+
<p><strong>Azure B2s</strong></p>
268281
<ul style="font-size: 0.8em;">
269282
<li>gnat-scheduler.service - FeedScheduler</li>
270283
<li>gnat-edl.service :8080 - EDL server</li>
@@ -273,7 +286,7 @@ <h2>Deployment: Single Azure VM</h2>
273286
<p style="margin-top: 1em; font-size: 0.8em;"><strong>Scale-out:</strong> 100+ feeds → Container Instances • 10+ analysts → PostgreSQL • Multi-tenant → shared codebase</p>
274287
</section>
275288

276-
<!-- SLIDE 22: Migrations & Plugins -->
289+
<!-- SLIDE 23: Migrations & Plugins -->
277290
<section data-background="#1a1a1a">
278291
<h2>Database Migrations & Plugin System</h2>
279292
<ul style="font-size: 0.8em;">
@@ -283,7 +296,7 @@ <h2>Database Migrations & Plugin System</h2>
283296
</ul>
284297
</section>
285298

286-
<!-- SLIDE 23: RBAC & Validator -->
299+
<!-- SLIDE 24: RBAC & Validator -->
287300
<section data-background="#1a1a1a">
288301
<h2>Policy Engine (RBAC) & STIX Validator</h2>
289302
<p><strong>Roles:</strong> VIEWER • ANALYST • OPERATOR • ADMIN</p>
@@ -294,7 +307,7 @@ <h2>Policy Engine (RBAC) & STIX Validator</h2>
294307
</ul>
295308
</section>
296309

297-
<!-- SLIDE 24: Workflows -->
310+
<!-- SLIDE 25: Workflows -->
298311
<section data-background="#1a1a1a">
299312
<h2>Agent Orchestration - Workflow DAG Engine</h2>
300313
<p>Sequential DAG executor with success/failure routing</p>
@@ -305,15 +318,15 @@ <h2>Agent Orchestration - Workflow DAG Engine</h2>
305318
</ul>
306319
</section>
307320

308-
<!-- SLIDE 25: Lineage & Metrics -->
321+
<!-- SLIDE 26: Lineage & Metrics -->
309322
<section data-background="#1a1a1a">
310323
<h2>Data Lineage & Analyst Metrics</h2>
311324
<p><strong>Data Lineage:</strong> Append-only event log (INGESTED, ENRICHED, NORMALIZED, LINKED, EXPORTED, REPORTED, DELETED)</p>
312325
<p><strong>Analyst Metrics:</strong> Ring-buffer with 9 metric types</p>
313326
<p style="font-size: 0.75em;">investigation_summary(days) • enrichment_effectiveness(platform, days) • gap_frequency(days) • false_positive_rate(days)</p>
314327
</section>
315328

316-
<!-- SLIDE 26: Review Queue -->
329+
<!-- SLIDE 27: Review Queue -->
317330
<section data-background="#1a1a1a">
318331
<h2>AI Intel Review Queue</h2>
319332
<p>Human-in-the-loop gate: PENDING → APPROVED → PROMOTED</p>
@@ -324,7 +337,7 @@ <h2>AI Intel Review Queue</h2>
324337
</ul>
325338
</section>
326339

327-
<!-- SLIDE 27: Phase 4 Safety -->
340+
<!-- SLIDE 28: Phase 4 Safety -->
328341
<section data-background="#1a1a1a">
329342
<h2>Phase 4 - Control, Reasoning & Safety (v1.6)</h2>
330343
<ul style="font-size: 0.75em;">
@@ -336,18 +349,6 @@ <h2>Phase 4 - Control, Reasoning & Safety (v1.6)</h2>
336349
</ul>
337350
</section>
338351

339-
<!-- SLIDE 28: Advantages -->
340-
<section data-background="#1a1a1a">
341-
<h2>The Abstraction Advantage</h2>
342-
<ul style="font-size: 0.8em;">
343-
<li><strong>Portability:</strong> Switch platforms, pipeline stays the same</li>
344-
<li><strong>Maintenance:</strong> API changes affect one connector, not every script</li>
345-
<li><strong>Consistency:</strong> One interface works across 159 platforms</li>
346-
<li><strong>Coherence:</strong> One scheduler, one log stream, one health endpoint</li>
347-
<li><strong>Incremental:</strong> Each layer independently useful</li>
348-
<li><strong>Testing:</strong> 5,100+ unit tests, 70% coverage minimum</li>
349-
</ul>
350-
</section>
351352

352353
<!-- SLIDE 29: Security & CI -->
353354
<section data-background="#1a1a1a">
@@ -361,20 +362,7 @@ <h2>Code Safety, CI & Security</h2>
361362
</ul>
362363
</section>
363364

364-
<!-- SLIDE 30: By the Numbers -->
365-
<section data-background="#1a1a1a">
366-
<h2>By the Numbers</h2>
367-
<p style="font-size: 1.2em;">
368-
<strong style="color: #c41e2a;">159</strong> Connectors<br/>
369-
<strong style="color: #c41e2a;">5,100+</strong> Unit Tests<br/>
370-
<strong style="color: #c41e2a;">250+</strong> Source Files<br/>
371-
<strong style="color: #c41e2a;">~$50</strong>/month Azure VM<br/>
372-
<strong style="color: #c41e2a;">60</strong> AI Confidence Ceiling<br/>
373-
<strong style="color: #c41e2a;">49</strong> Architecture Decision Records
374-
</p>
375-
</section>
376-
377-
<!-- SLIDE 31: Implementation Sequence -->
365+
<!-- SLIDE 30: Implementation Sequence -->
378366
<section data-background="#1a1a1a">
379367
<h2>Implementation Sequence</h2>
380368
<ul style="font-size: 0.75em;">
@@ -387,24 +375,24 @@ <h2>Implementation Sequence</h2>
387375
</ul>
388376
</section>
389377

390-
<!-- SLIDE 32: Roadmap -->
378+
<!-- SLIDE 31: Roadmap -->
391379
<section data-background="#1a1a1a">
392380
<h2>All Roadmap Items Complete</h2>
393-
<p style="font-size: 0.8em;">✓ Every pending item shipped — v1.9.0 complete · Phase 4 (v1.6) shipped</p>
381+
<p style="font-size: 0.8em;">✓ Every pending item shipped — v1.9.0 complete</p>
394382
<p style="font-size: 0.7em; color: #9e9e9e;">
395383
✅ 159 connectors · STIX 2.1 ORM · Ingest/export pipelines · AI agents (Claude/OpenAI/Grok/Gemini)<br/>
396384
✅ TAXII 2.1 · Policy RBAC · 5,100+ tests · Docker · Multi-tenant · Migrations · Plugins<br/>
397-
✅ Workflows · Lineage · Metrics · Review queue · Phase 4 safety · Health monitoring · Codegen
385+
✅ Workflows · Lineage · Metrics · Review queue · Health monitoring · Codegen
398386
</p>
399387
</section>
400388

401-
<!-- SLIDE 33: Closing -->
389+
<!-- SLIDE 32: Closing -->
402390
<section data-background="#1a1a1a">
403391
<h1><span class="accent">GNAT</span></h1>
404392
<h3>One library. Every platform. Total control.</h3>
405393
<p style="font-size: 0.9em; margin-top: 2em;">
406394
Version 1.9.0 • Python 3.9+ • Apache 2.0<br/>
407-
159 connectors • STIX 2.1 • AI-assisted • ~$50/month
395+
159 connectors • STIX 2.1 • AI-assisted • Apache 2.0
408396
</p>
409397
<p style="font-size: 0.75em; color: #9e9e9e; margin-top: 2em;">
410398
GitHub: wrhalpin/GNAT · Docs: wrhalpin.github.io/GNAT · Read: EXAMPLES.md · README.md

0 commit comments

Comments
 (0)