-
-
Information Flow
-
System Overview
Inspiration
I set out to create this project with the following idea: If the future is truly agentic, we will need an agent-centric information security system that organizes information feeds for use in other agents using MCP/A2A. After working on this project, I only focused on providing a robust MCP for accessing our system data.
What it does
In this project, we have a multi-agent system. Our system is divided into collectors, discovery, and enriching agents. We seed our system with rss, MISP, and Taxii threat feeds. We use Google AdK to coordinate tasks to agents using Kafka topics. This allows us to dynamically spawn necessary agents and enrich the data using MITRE Attack and DSPy to extract entities before adding the information to a graph for later retrieval. Our backend provides an MCP server to enable users to access these data from our api.
Challenges we ran into
In the first week, I created a pretty rudimentary system and aimed to gather a wide range of data from many sources but I quickly ran into rate limits with LLM tool calls. I then pivoted to improving the robustness and pipeline logic my agent system to improve performance and reliability over time.
I also relied on LLM's heavily when working this project. This required me to write tests to fix variables name mismatches and find functionality bugs. One nasty bug that I was stuck on was a tower governor / 500 error code bug that was rate limiting my agents communication to my backend.
I also do not have much experience with web frameworks, so after spinning up the agents and backend, is pretty basic.
What's next for Umbrix
We will run the project until we cannot afford to host it and see what happens. Hopefully we will slowly grow the supported data sources we have and improve the UI so that users can better customize and share their own intelligence graphs.
Log in or sign up for Devpost to join the conversation.