{"id":"https://openalex.org/W7140110703","doi":"https://doi.org/10.48550/arxiv.2603.20131","title":"An Agentic Multi-Agent Architecture for Cybersecurity Risk Management","display_name":"An Agentic Multi-Agent Architecture for Cybersecurity Risk Management","publication_year":2026,"publication_date":"2026-03-20","ids":{"openalex":"https://openalex.org/W7140110703","doi":"https://doi.org/10.48550/arxiv.2603.20131"},"language":null,"primary_location":{"id":"doi:10.48550/arxiv.2603.20131","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2603.20131","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"type":"preprint","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.48550/arxiv.2603.20131","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5130349709","display_name":"Ravish Gupta","orcid":null},"institutions":[{"id":"https://openalex.org/I190778170","display_name":"Ofcom","ror":"https://ror.org/03pzspq13","country_code":"GB","type":"other","lineage":["https://openalex.org/I190778170"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Gupta, Ravish","raw_affiliation_strings":["BigCommerce"],"affiliations":[{"raw_affiliation_string":"BigCommerce","institution_ids":["https://openalex.org/I190778170"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5104346980","display_name":"Saket Kumar","orcid":null},"institutions":[{"id":"https://openalex.org/I63190737","display_name":"University at Buffalo, State University of New York","ror":"https://ror.org/01y64my43","country_code":"US","type":"education","lineage":["https://openalex.org/I63190737"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Kumar, Saket","raw_affiliation_strings":["University at Buffalo, The State University of New York, Buffalo, NY, USA"],"affiliations":[{"raw_affiliation_string":"University at Buffalo, The State University of New York, Buffalo, NY, USA","institution_ids":["https://openalex.org/I63190737"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5130340311","display_name":"Shreeya Sharma","orcid":null},"institutions":[{"id":"https://openalex.org/I4210164937","display_name":"Microsoft Research (United Kingdom)","ror":"https://ror.org/05k87vq12","country_code":"GB","type":"company","lineage":["https://openalex.org/I1290206253","https://openalex.org/I4210164937"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Sharma, Shreeya","raw_affiliation_strings":["Microsoft"],"affiliations":[{"raw_affiliation_string":"Microsoft","institution_ids":["https://openalex.org/I4210164937"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5016469147","display_name":"Maulik Dang","orcid":null},"institutions":[{"id":"https://openalex.org/I4210089985","display_name":"Amazon (Germany)","ror":"https://ror.org/00b9ktm87","country_code":"DE","type":"company","lineage":["https://openalex.org/I1311688040","https://openalex.org/I4210089985"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Dang, Maulik","raw_affiliation_strings":["Amazon"],"affiliations":[{"raw_affiliation_string":"Amazon","institution_ids":["https://openalex.org/I4210089985"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5003546823","display_name":"Abhishek Aggarwal","orcid":"https://orcid.org/0000-0003-3295-1954"},"institutions":[{"id":"https://openalex.org/I4210089985","display_name":"Amazon (Germany)","ror":"https://ror.org/00b9ktm87","country_code":"DE","type":"company","lineage":["https://openalex.org/I1311688040","https://openalex.org/I4210089985"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Aggarwal, Abhishek","raw_affiliation_strings":["Amazon"],"affiliations":[{"raw_affiliation_string":"Amazon","institution_ids":["https://openalex.org/I4210089985"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5130349709"],"corresponding_institution_ids":["https://openalex.org/I190778170"],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.25429999828338623,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.25429999828338623,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10456","display_name":"Multi-Agent Systems and Negotiation","score":0.0763000026345253,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12203","display_name":"Mobile Agent-Based Network Management","score":0.07159999758005142,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/context","display_name":"Context (archaeology)","score":0.6251999735832214},{"id":"https://openalex.org/keywords/risk-assessment","display_name":"Risk assessment","score":0.557699978351593},{"id":"https://openalex.org/keywords/nist","display_name":"NIST","score":0.5551000237464905},{"id":"https://openalex.org/keywords/profiling","display_name":"Profiling (computer programming)","score":0.5253999829292297},{"id":"https://openalex.org/keywords/risk-management","display_name":"Risk management","score":0.4869999885559082},{"id":"https://openalex.org/keywords/baseline","display_name":"Baseline (sea)","score":0.41290000081062317},{"id":"https://openalex.org/keywords/domain","display_name":"Domain (mathematical analysis)","score":0.3801000118255615}],"concepts":[{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.6251999735832214},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.571399986743927},{"id":"https://openalex.org/C12174686","wikidata":"https://www.wikidata.org/wiki/Q1058438","display_name":"Risk assessment","level":2,"score":0.557699978351593},{"id":"https://openalex.org/C111219384","wikidata":"https://www.wikidata.org/wiki/Q6954384","display_name":"NIST","level":2,"score":0.5551000237464905},{"id":"https://openalex.org/C187191949","wikidata":"https://www.wikidata.org/wiki/Q1138496","display_name":"Profiling (computer programming)","level":2,"score":0.5253999829292297},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5033000111579895},{"id":"https://openalex.org/C32896092","wikidata":"https://www.wikidata.org/wiki/Q189447","display_name":"Risk management","level":2,"score":0.4869999885559082},{"id":"https://openalex.org/C12725497","wikidata":"https://www.wikidata.org/wiki/Q810247","display_name":"Baseline (sea)","level":2,"score":0.41290000081062317},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.39570000767707825},{"id":"https://openalex.org/C36503486","wikidata":"https://www.wikidata.org/wiki/Q11235244","display_name":"Domain (mathematical analysis)","level":2,"score":0.3801000118255615},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.3465999960899353},{"id":"https://openalex.org/C123657996","wikidata":"https://www.wikidata.org/wiki/Q12271","display_name":"Architecture","level":2,"score":0.3353999853134155},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.3109000027179718},{"id":"https://openalex.org/C164403151","wikidata":"https://www.wikidata.org/wiki/Q7336280","display_name":"Risk management framework","level":4,"score":0.30730000138282776},{"id":"https://openalex.org/C2780264999","wikidata":"https://www.wikidata.org/wiki/Q7445032","display_name":"Security domain","level":2,"score":0.29820001125335693},{"id":"https://openalex.org/C95609273","wikidata":"https://www.wikidata.org/wiki/Q5975208","display_name":"IT risk management","level":3,"score":0.2919999957084656},{"id":"https://openalex.org/C2778363899","wikidata":"https://www.wikidata.org/wiki/Q23900955","display_name":"Window of opportunity","level":2,"score":0.28299999237060547},{"id":"https://openalex.org/C165609540","wikidata":"https://www.wikidata.org/wiki/Q1172486","display_name":"Data breach","level":2,"score":0.26429998874664307}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.48550/arxiv.2603.20131","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2603.20131","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.48550/arxiv.2603.20131","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2603.20131","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"Getting":[0],"a":[1,7,13,41,68,101,162,166,210],"real":[2],"cybersecurity":[3],"risk":[4],"assessment":[5,75],"for":[6],"small":[8,34],"organization":[9],"is":[10],"expensive":[11],"--":[12,86,116,219],"NIST":[14],"CSF-aligned":[15],"engagement":[16],"runs":[17],"$15,000":[18],"on":[19,27,81,100,126,209],"the":[20,53,74,87,117,124,179,229],"low":[21],"end,":[22],"takes":[23],"weeks,":[24],"and":[25,63,106,134,159],"depends":[26],"practitioners":[28,115],"who":[29],"are":[30],"genuinely":[31],"scarce.":[32],"Most":[33],"companies":[35],"skip":[36],"it":[37,99],"entirely.":[38],"We":[39,97,140],"built":[40],"six-agent":[42],"AI":[43],"system":[44,118],"where":[45],"each":[46],"agent":[47,95],"handles":[48],"one":[49,205],"analytical":[50],"stage:":[51],"profiling":[52],"organization,":[54],"mapping":[55],"assets,":[56],"analyzing":[57],"threats,":[58],"evaluating":[59],"controls,":[60],"scoring":[61],"risks,":[62,133],"generating":[64],"recommendations.":[65],"Agents":[66],"share":[67],"persistent":[69],"context":[70,217,220],"that":[71,89],"grows":[72],"as":[73],"proceeds,":[76],"so":[77],"later":[78],"agents":[79],"build":[80],"what":[82],"earlier":[83],"ones":[84],"concluded":[85],"mechanism":[88],"distinguishes":[90],"this":[91],"from":[92],"standard":[93],"sequential":[94],"pipelines.":[96],"tested":[98],"15-person":[102],"HIPAA-covered":[103],"healthcare":[104],"company":[105],"compared":[107],"outputs":[108],"to":[109,227],"independent":[110],"assessments":[111,146],"by":[112],"three":[113],"CISSP":[114],"agreed":[119],"with":[120,213],"them":[121],"85%":[122],"of":[123,131,206],"time":[125],"severity":[127],"classifications,":[128],"covered":[129],"92%":[130],"identified":[132],"finished":[135],"in":[136,154,188,192,196],"under":[137],"15":[138],"minutes.":[139],"then":[141],"ran":[142],"30":[143,207],"repeated":[144],"single-agent":[145],"across":[147],"five":[148],"synthetic":[149],"but":[150],"sector-realistic":[151],"organizational":[152],"profiles":[153],"healthcare,":[155,189],"fintech,":[156],"manufacturing,":[157,193],"retail,":[158],"SaaS,":[160],"comparing":[161],"general-purpose":[163],"Mistral-7B":[164],"against":[165],"domain":[167],"fine-tuned":[168,175],"model.":[169],"Both":[170],"completed":[171],"every":[172,204],"run.":[173],"The":[174,198],"model":[176,223],"flagged":[177],"threats":[178],"baseline":[180],"could":[181],"not":[182,222],"see":[183],"at":[184],"all:":[185],"PHI":[186],"exposure":[187],"OT/IIoT":[190],"vulnerabilities":[191],"platform-specific":[194],"risks":[195],"retail.":[197],"full":[199],"multi-agent":[200],"pipeline,":[201],"however,":[202],"failed":[203],"attempts":[208],"Tesla":[211],"T4":[212],"its":[214],"4,096-token":[215],"default":[216],"window":[218],"capacity,":[221],"quality,":[224],"turned":[225],"out":[226],"be":[228],"binding":[230],"constraint.":[231]},"counts_by_year":[],"updated_date":"2026-03-24T06:04:31.470712","created_date":"2026-03-24T00:00:00"}