The /predict/cyber-sentinel endpoint evaluates a cybersecurity incident snapshot across six network and host metrics and classifies it into one of four severity tiers. The RandomForest model combines failed login volume, open port exposure, unpatched critical vulnerabilities, anomalous traffic percentage, number of affected endpoints, and the overall patch coverage rate to derive a composite risk score. The response provides confidence, a full four-tier probability ranking, and targeted remediation recommendations for your security operations centre.

Endpoint

POST http://localhost:8001/predict/cyber-sentinel
Content-Type: application/json

Request Body

intentos_login_fallidos (integer, required)
Number of failed login attempts detected in the current observation window. Must be between 0 and 200.

puertos_abiertos (integer, required)
Count of open network ports exposed on monitored hosts. Must be between 0 and 100.

vulnerabilidades_criticas (integer, required)
Number of unpatched critical CVEs detected across the monitored environment. Must be between 0 and 20.

trafico_anomalo_pct (float, required)
Percentage of network traffic flagged as anomalous by the IDS. Must be between 0.0 and 100.0.

equipos_afectados (integer, required)
Number of hosts, workstations, or servers showing signs of compromise or impact. Must be between 0 and 500.

parcheado_pct (float, required)
Percentage of monitored endpoints that are fully patched and up to date. Must be between 0.0 and 100.0. A lower value increases the calculated risk score.

Example Request

curl -X POST http://localhost:8001/predict/cyber-sentinel \
  -H "Content-Type: application/json" \
  -d '{
    "intentos_login_fallidos": 145,
    "puertos_abiertos": 62,
    "vulnerabilidades_criticas": 9,
    "trafico_anomalo_pct": 67.4,
    "equipos_afectados": 88,
    "parcheado_pct": 41.0
  }'

Example Response

{
  "caso": "CyberSentinel",
  "prediccion": "CRITICO",
  "confianza": 0.8833,
  "ranking": [
    { "clase": "CRITICO", "probabilidad": 0.8833 },
    { "clase": "ALTO",    "probabilidad": 0.0891 },
    { "clase": "MEDIO",   "probabilidad": 0.0214 },
    { "clase": "BAJO",    "probabilidad": 0.0062 }
  ],
  "recomendaciones": [
    "Priorizar parcheo de vulnerabilidades críticas.",
    "Analizar tráfico y aislar segmentos con comportamiento anómalo.",
    "Activar bloqueo temporal y revisión de credenciales.",
    "Elevar porcentaje de equipos parchados antes de cerrar el incidente."
  ],
  "entrada": {
    "intentos_login_fallidos": 145,
    "puertos_abiertos": 62,
    "vulnerabilidades_criticas": 9,
    "trafico_anomalo_pct": 67.4,
    "equipos_afectados": 88,
    "parcheado_pct": 41.0
  }
}

Response Fields

caso (string)
Human-readable model identifier. Always "CyberSentinel" for this endpoint.

prediccion (string)
The top predicted severity label. One of:

Label     Meaning
CRITICO   Immediate containment required — highest risk composite score
ALTO      Urgent response needed — significant exposure across multiple signals
MEDIO     Elevated concern — investigate and remediate within the sprint
BAJO      Minimal risk — continue monitoring and document evidence

confianza (float)
Probability assigned to the top predicted severity class, in the range 0.0 to 1.0.

ranking (array of objects)
Probability distribution across all four severity labels, sorted in descending order of probability.

recomendaciones (array of strings)
Targeted remediation actions generated from the predicted severity and the specific field values that crossed risk thresholds. Up to four recommendations may be returned; at least one is always present.

entrada (object)
Echo of the validated request payload as parsed by Pydantic, suitable for SIEM ingestion or incident ticket enrichment.

Note: parcheado_pct has an inverse relationship with risk: a fully patched environment (100.0) reduces the composite risk score significantly, while values below 70 trigger a remediation recommendation in the response.
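
A client-side check of the contract documented above, as an added example that is not part of the project's code: it validates a payload against the Request Body ranges before sending, and checks a response against the Response Fields descriptions before it is forwarded to a SIEM or ticket. The function names and the 0.01 rounding tolerance are assumptions; the sample data is the page's example, with recomendaciones abridged.

```python
import math

# Documented ranges from the Request Body section: field -> (accepted types, min, max).
FIELDS = {
    "intentos_login_fallidos": (int, 0, 200),
    "puertos_abiertos": (int, 0, 100),
    "vulnerabilidades_criticas": (int, 0, 20),
    "trafico_anomalo_pct": ((int, float), 0.0, 100.0),
    "equipos_afectados": (int, 0, 500),
    "parcheado_pct": ((int, float), 0.0, 100.0),
}
LABELS = {"CRITICO", "ALTO", "MEDIO", "BAJO"}

def validate_request(payload):
    """Return a list of type/range problems; an empty list means the payload is valid."""
    errors = []
    for name, (allowed, lo, hi) in FIELDS.items():
        value = payload.get(name)
        # bool is a subclass of int in Python, so reject it explicitly.
        if isinstance(value, bool) or not isinstance(value, allowed):
            errors.append(f"{name}: missing or wrong type")
        elif not math.isfinite(value) or not lo <= value <= hi:
            errors.append(f"{name}: {value} outside {lo}..{hi}")
    return errors

def check_response(resp, sent, tol=0.01):
    """Return contract violations in a response; tol is an assumed rounding slack."""
    problems = []
    ranking = resp.get("ranking") or []
    probs = [r.get("probabilidad") for r in ranking]
    if len(ranking) != 4 or {r.get("clase") for r in ranking} != LABELS:
        problems.append("ranking must list each of the four labels once")
    elif probs != sorted(probs, reverse=True) or abs(sum(probs) - 1.0) > tol:
        problems.append("ranking is not a descending probability distribution")
    elif (ranking[0]["clase"], probs[0]) != (resp.get("prediccion"), resp.get("confianza")):
        problems.append("prediccion/confianza disagree with the top of ranking")
    if not 1 <= len(resp.get("recomendaciones") or []) <= 4:
        problems.append("expected between 1 and 4 recomendaciones")
    if resp.get("entrada") != sent:
        problems.append("entrada does not echo the submitted payload")
    return problems

# Sample request and response taken from the page's example (recomendaciones abridged).
SENT = {"intentos_login_fallidos": 145, "puertos_abiertos": 62, "vulnerabilidades_criticas": 9,
        "trafico_anomalo_pct": 67.4, "equipos_afectados": 88, "parcheado_pct": 41.0}
RESP = {"caso": "CyberSentinel", "prediccion": "CRITICO", "confianza": 0.8833, "entrada": SENT,
        "recomendaciones": ["Priorizar parcheo de vulnerabilidades críticas."],
        "ranking": [{"clase": c, "probabilidad": p} for c, p in
                    [("CRITICO", 0.8833), ("ALTO", 0.0891), ("MEDIO", 0.0214), ("BAJO", 0.0062)]]}
```

Comparing entrada with the submitted payload catches a value that was coerced or altered between the client and the model before the echo is stored as incident evidence.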