This project is a multi-agent security framework that utilizes multiple LLM models to analyze and generate comprehensive security briefs. It leverages local LLM models via the Ollama API and can optionally use Together API. The framework reads .txt files from a specified directory or a specific file provided via command-line arguments and generates a final summary brief.
- Threat Intelligence Analysis: Analyzes threat intelligence data and provides a summary of key threats.
- Log Analysis: Analyzes log data for anomalies and suspicious activities.
- Vulnerability Assessment: Assesses vulnerabilities and provides a summary of critical vulnerabilities.
- Incident Response: Evaluates incidents and recommends appropriate response actions.
- Overseer Summary: Generates a final summary brief based on the outputs of the other agents.
- Output to File: Saves the final summary brief to a
.txtfile.
- Python 3
requestslibrary (install viapip install requests)
-
Clone the repository:
git clone https://github.com/tegridydev/multi-agent-secops-llm.git cd multi-agent-secops-llm -
Install the required Python packages:
pip install requests
-
Set your API key in the script:
API_KEY = "your-api-key" # Replace 'your-api-key' with your actual API key
-
To analyze all
.txtfiles in thedataopsfolder:python multiagent.py
-
To analyze a specific
.txtfile:python multiagent.py dataops/sampledata.txt
- Data Collection: Reads and collects data from
.txtfiles in the specifieddataopsfolder or a specified file. - Agent Analysis: Uses multiple LLM agents to analyze different aspects of the data:
- Threat Intelligence Agent: Analyzes threat intelligence data.
- Log Analysis Agent: Analyzes log data for anomalies.
- Vulnerability Assessment Agent: Assesses vulnerabilities.
- Incident Response Agent: Evaluates incidents and recommends response actions.
- Overseer Agent: Generates a final summary brief based on the outputs of the other agents.
- Output to File: Saves the final summary brief to
final_summary_brief.txt.