Agentic Cyber Defense Framework
Four cybersecurity agents working in concert under human oversight, with every autonomous action gated by the same safety pipeline that defends production LLM systems.
Four agents, one mission
Each agent has a narrow, auditable role. The operator approves, modifies, or rejects every action before it dispatches downstream.
Project Management agent
Converts a high-level scoping intent into an ATT&CK-aligned task graph with explicit dependencies and an operator-approval gate on every node. The planner is deterministic in Phase I; an LLM-driven planner is the Phase II swap point.
Code Generation & Execution agent
Translates plan nodes into parameterized Nmap and Metasploit auxiliary-scanner invocations. Every command passes through Oubliette's five-stage safety pipeline before execution. Enforcement at the policy layer is CALDERA-only; live execution is unreachable in Phase I builds.
Cyber Analysis agent
Ingests scanner output (Nmap XML today; Nessus and MSF results in Phase II), normalizes to ATT&CK-tagged findings, and ranks transparently by exploitability × asset_criticality × CVSS. Every score carries the reasoning chain; no opaque rankings.
Vulnerability Research agent
RAG-based reasoning against the NIST NVD corpus with a citation-integrity guard. Every answer is bound to verifiable citations; uncited claims are rejected before they leave the agent.
Operator UI (cross-cutting)
Web review queue for every pending action, with full audit log and workflow replay without re-executing tools. The integration substrate is MITRE CALDERA + Qdrant + Ollama + MCP transport.
What makes this different
Defender-grade safety rails on offensive automation
No other agentic-pentest framework uses an AI firewall as its pre-execution safety gate. The same pipeline that defends production LLMs blocks unsafe tool emissions before they reach the target.
Citation-bound vulnerability research
The Vulnerability Research agent enforces an evidence-integrity contract: every CVE claim must trace back to a retrieved NVD record. Hallucinated CVE IDs are rejected by the integrity guard before reaching the calling agent.
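The evidence-integrity contract described above, as an added illustration that is not the framework's own code: a guard that releases a drafted answer only when every CVE ID it asserts maps to a record the retriever actually returned. The function name, the verdict type, and the placeholder NVD records are all constructed for this example.

```python
import re
from dataclasses import dataclass

# CVE identifier syntax: CVE-<year>-<4 to 7 digit sequence>, matched case-insensitively.
CVE_RE = re.compile(r"\bCVE-\d{4}-\d{4,7}\b", re.IGNORECASE)

@dataclass(frozen=True)
class GuardVerdict:
    accepted: bool
    citations: tuple    # CVE IDs that trace to a retrieved NVD record
    unsupported: tuple  # CVE IDs with no retrieved record (treated as hallucinated)
    reason: str

def citation_integrity_guard(answer: str, retrieved: dict) -> GuardVerdict:
    """Hypothetical guard: accept the answer only if every CVE ID it mentions is
    among the retrieved NVD records; otherwise reject it before it reaches the
    calling agent. An answer with no CVE citation at all is unverifiable and
    is rejected as well."""
    known = {cve_id.upper() for cve_id in retrieved}
    mentioned = sorted({m.upper() for m in CVE_RE.findall(answer)})
    if not mentioned:
        return GuardVerdict(False, (), (), "no verifiable citation in answer")
    unsupported = tuple(c for c in mentioned if c not in known)
    if unsupported:
        return GuardVerdict(False, (), unsupported,
                            "CVE IDs not backed by retrieved records: " + ", ".join(unsupported))
    return GuardVerdict(True, tuple(mentioned), (), "all claims trace to retrieved records")

# Constructed sample: placeholder IDs and summaries, not real NVD data.
RETRIEVED = {
    "CVE-0000-1111": "placeholder record: buffer overflow in example service",
    "CVE-0000-2222": "placeholder record: auth bypass in example portal",
}

if __name__ == "__main__":
    ok = citation_integrity_guard("Host is affected by CVE-0000-1111 (see cve-0000-2222 too).", RETRIEVED)
    bad = citation_integrity_guard("Host is affected by CVE-0000-1111 and CVE-0000-9999.", RETRIEVED)
    none = citation_integrity_guard("The service is vulnerable to a known overflow.", RETRIEVED)
    print(ok.accepted, ok.citations)      # True ('CVE-0000-1111', 'CVE-0000-2222')
    print(bad.accepted, bad.unsupported)  # False ('CVE-0000-9999',)
    print(none.accepted, none.reason)     # False no verifiable citation in answer
```

In a deployment the `retrieved` mapping would be the RAG retriever's result set for the current query, so the guard binds each answer to the records that were actually fetched rather than to the model's memory.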
Human-on-the-loop by default
The operator UI is not an afterthought; it is the §2 Objective 6 deliverable. Every action is approve-modify-reject reviewable; every decision is persisted with operator identity and timestamp.
Replay over re-execution
Workflows are replayable from the audit log without re-running any tools. Audit-grade reproducibility for any IG, any after-action review, any compliance evidence package.
Phase I prototype available under briefing
The framework is under active development as a Phase I SBIR effort. Capability briefing, repository walkthrough, and demo are available under appropriate access channels.