A Multi-agent system designed to answer questions about cybersecurity and the MITRE ATT&CK framework. The system incorporates several search and reasoning techniques, such as vector search, Cypher query to Neo4j, and integration with MCP RDF agent for graph and RDF-based data exploration.
- Multi-Agent System (LangGraph): The primary application logic that orchestrates the entire workflow. It includes specialized agents for validating questions, querying databases, reflecting on results, and synthesizing final answers
- Neo4j Knowledge Graph: A graph database storing structured cybersecurity data (e.g., from the MITRE ATT&CK framework), which is queried using the Cypher language.
- MCP RDF Explorer: Model Context Protocol (MCP) server that provides a conversational interface for RDF-based Knowledge Graph (Turtle) exploration and analysis in local file mode or SPARQL endpoint mode. (https://github.com/emekaokoye/mcp-rdf-explorer)
How to use
Make sure that you already have uv installed on your desktop, if not then here's the installation guide : https://docs.astral.sh/uv/getting-started/installation/
git clone <this-project>
cd <this-project>
uv sync- make sure that you have cloned the MCP RDF Explorer repository, outside this multi-agents-cykg-rag repository/folder
- add your .ttl (rdf schema) to $ ls mcp-rdf-explorer/src/mcp-rdf-explorer/
- one level with the server.py code
- setup the browser_mcp.json located in root of multi-agents-cykg-rag repository
- which look like this (you can see more specific explanation of this step in MCP-RDF-Explorer repo MCP RDF Explorer) :
{
"mcpServers": {
"rdf_explorer": {
"command": "D:\\Project\\github\\mcp-rdf-explorer\\venv\\Scripts\\python.exe",
"args": ["D:\\Project\\github\\mcp-rdf-explorer\\src\\mcp-rdf-explorer\\server.py", "--triple-file", "statements.ttl"]
}
}
}Make sure again that the .env file is filled !!!
OPENAI_API_KEY=
LANGCHAIN_API_KEY=
LANGCHAIN_TRACING_V2=
LANGCHAIN_ENDPOINT=
LANGCHAIN_PROJECT=
NEO4J_URI=bolt://localhost:7687
NEO4J_USERNAME=
NEO4J_PASSWORD_ICS=
NEO4J_DATABASE=
NEO4J_AURA=
NEO4J_AURA_USERNAME=
NEO4J_AURA_PASSWORD=
NEO4J_AURA_DATABASE=Setup is completed, now you can run the program!!!
uv run -m src.run -- "Your question here"-
Multi-agent workflow: Uses LangGraph to manage the workflow between agents (guardrails, vector search, cypher search, MCP RDF, reflection, and synthesizer).
-
Guardrails: Ensures the questions asked are relevant to the cybersecurity domain.
-
Vector & Cypher Search: Searches for answers from a vector and graph database (Neo4j) with automatic iteration and reflection if results are insufficient.
-
MCP RDF Agent: Integrates RDF-based search to enrich the context of answers.
-
Synthesizer: Combines results from multiple sources into a comprehensive final answer.
-
Logging & Configuration: Supports structured logging and configuration via .env files.
no-log-multi-agents-cykg-rag/
├── src/
│ ├── agents/
│ │ ├── __init__.py
│ │ ├── mcp_rdf_agent.py
│ │ ├── cypher_agent.py
│ │ ├── reflection_agents.py
│ │ └── vector_agent.py
│ ├── chains/
│ │ ├── __init__.py
│ │ ├── guardrails.py
│ │ ├── review.py
│ │ └── synthesizer.py
│ ├── config/
│ │ ├── __init__.py
│ │ └── settings.py
│ ├── graph/
│ │ ├── __init__.py
│ │ ├── state.py
│ │ └── workflow.py
│ ├── log/
│ │ └── (a log file will be created here)
│ ├── utils/
│ │ ├── __init__.py
│ │ └── logging_config.py
│ └── run.py
└── .env