A comprehensive cybersecurity platform built with a Node.js backend and a React frontend, featuring AI-powered vulnerability analysis, risk assessment, and security audit capabilities.
- Dashboard: Role-based dashboard for cybersecurity audits, risk tracking, and compliance tasks.
- User & Auditor Management: Role-based access control (Admin, Auditor, Auditee)
- Organization Profile: Multi-organization support with detailed profiling
- Information Asset Inventory: Comprehensive asset management with CIA classification
- Threat & Vulnerability Identification: OWASP Top 10 vulnerability database
- Risk Assessment Engine: Automated risk calculation (Likelihood × Impact)
- Risk Assessment: Identifies threats, scores risk (Likelihood × Impact), and prioritizes mitigation actions.
- Control Audit Checklist: OCTAVE Allegro compliance framework
- Audit Evidence Collection: File upload and evidence management
- Compliance Scoring: Real-time compliance metrics and visualization
- Audit Findings Generator: Automated finding generation with severity levels
- AI Auditor Assistant: AI-powered consultation for vulnerabilities and controls
- Report Generator: Comprehensive audit reports with AI assistance
- JWT-based authentication
- Password hashing with bcryptjs
- Role-based access control
- Input validation and sanitization
- Rate limiting
- Security headers
- Backend: Node.js, Express, MySQL
- Frontend: React, Material-UI, React Router
- Database: MySQL with comprehensive schema
- AI Integration: OpenAI API for intelligent analysis
- Charts: Recharts for data visualization
- Node.js (v14 or higher)
- MySQL (v5.7 or higher)
- npm or yarn
- Clone and Install Dependencies
cd ai-cybersecurity-platform
npm install
cd client
npm install
- Database Setup
- Create a MySQL database named cybersecurity_audit
- Update database configuration in the .env file (see Environment Variables section)
- Environment Variables
Create a .env file in the root directory:
# Database Configuration
DB_HOST=127.0.0.1
DB_PORT=3306
DB_USER=root
DB_PASSWORD=your_password
DB_NAME=cybersecurity_audit
# JWT Configuration
JWT_SECRET=your-secret-key-here
# Server Configuration
PORT=3000
# OpenAI Configuration (Optional)
OPENAI_API_KEY=your-openai-api-key
- Start the Application
# Start backend server
npm start
# In a new terminal, start frontend
cd client
npm start
- Access the Application
- Frontend: http://localhost:3000
- Backend API: http://localhost:3000
- Email: admin@cybersec.com
- Password: admin123
- Role: admin
- Email: auditor@cybersec.com
- Password: auditor123
- Role: auditor
- Email: auditee@cybersec.com
- Password: auditee123
- Role: auditee
- Create and manage user accounts
- Set up organizations and assign auditors
- Monitor system compliance and audit progress
- Generate comprehensive reports
- Collect evidence and document findings
- Generate audit reports with AI assistance
- Create and manage audit tasks
- Conduct security assessments
- Collect evidence and document findings
- Generate audit reports with AI assistance
- View assigned audits
- Provide evidence and respond to findings
- Track compliance status
- All passwords are hashed using bcryptjs
- JWT tokens are used for authentication
- Input validation is implemented on all endpoints
- Rate limiting prevents abuse
- Security headers are configured
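The sample .env in the Environment Variables section carries placeholder secrets and a root database user, so a startup check can refuse to treat those values as configured. The following is an added example, not code from this project; the names parseEnv and auditEnv, the 32-character floor and the audit_app account are assumptions.

```javascript
// Added example (not project code): audit the README's .env values at startup.
// Placeholder values copied from the README's sample .env.
const PLACEHOLDERS = {
  JWT_SECRET: 'your-secret-key-here',
  DB_PASSWORD: 'your_password',
  OPENAI_API_KEY: 'your-openai-api-key',
};
const MIN_SECRET_LENGTH = 32; // assumed floor for a token signing secret

// Minimal KEY=VALUE parser: skips blank lines and # comments.
function parseEnv(text) {
  const env = {};
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (!line || line.startsWith('#')) continue;
    const eq = line.indexOf('=');
    if (eq < 1) continue; // no key before '='
    env[line.slice(0, eq).trim()] = line.slice(eq + 1).trim();
  }
  return env;
}

// Returns a list of findings; an empty list means the config passed.
function auditEnv(env) {
  const findings = [];
  for (const [key, placeholder] of Object.entries(PLACEHOLDERS)) {
    if (env[key] === placeholder) findings.push(`${key}: README placeholder still in use`);
  }
  const secret = env.JWT_SECRET || '';
  if (!secret) findings.push('JWT_SECRET: missing, tokens cannot be signed safely');
  else if (secret.length < MIN_SECRET_LENGTH)
    findings.push(`JWT_SECRET: shorter than ${MIN_SECRET_LENGTH} characters`);
  if (!env.DB_PASSWORD) findings.push('DB_PASSWORD: empty database password');
  if (env.DB_USER === 'root') findings.push('DB_USER: root, use a dedicated least-privilege account');
  return findings;
}

// Constructed inputs: the README sample values, then a corrected variant.
const README_ENV = `# JWT Configuration
JWT_SECRET=your-secret-key-here
DB_USER=root
DB_PASSWORD=your_password
OPENAI_API_KEY=your-openai-api-key`;
const FIXED_ENV = `DB_USER=audit_app
DB_PASSWORD=constructed-Example-Passw0rd
JWT_SECRET=${'k3'.repeat(24)}`;
for (const text of [README_ENV, FIXED_ENV]) console.log(auditEnv(parseEnv(text)));
```

Calling auditEnv on the parsed file before the server starts listening, and exiting when the list is non-empty, keeps a deployment from running with the sample values.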
ai-cybersecurity-platform/
├── server.js # Main server file
├── package.json # Backend dependencies
├── client/ # React frontend
│ ├── public/
│ ├── src/
│ │ ├── components/ # Reusable components
│ │ ├── contexts/ # React contexts
│ │ ├── pages/ # Page components
│ │ └── App.js # Main app component
│ └── package.json # Frontend dependencies
└── README.md # This file
- npm start - Start backend server
- npm run dev - Start with nodemon
- npm run client - Start frontend
- npm run install-all - Install all dependencies
This project is licensed under the MIT License - see the LICENSE file for details.
Note: This platform is designed for educational and demonstration purposes. For production use, ensure proper security configurations and regular security updates.