AgentiX Cyber Platform
A unified command center for security operations — combining conversational AI, real-time dashboards, MCP tool integration, and intelligent document analysis in a single platform.
Platform at a Glance
See every major view in action — Super Agent chat, Admin Panel, Knowledge Base, and Settings.
Super Agent — AI Security Assistant
An intelligent cybersecurity assistant that connects directly to your security tools through MCP (Model Context Protocol) servers. Ask natural-language questions and get real-time answers backed by live data.
- Multi-tool integration — Wazuh, Playwright, Filesystem MCP servers
- Contextual prompts — Pre-built queries for common security tasks
- Streaming responses — Real-time AI output as analysis progresses
- Session persistence — Chat history saved across sessions
- RAG support — Upload documents for context-aware responses
Admin Panel & User Management
Comprehensive user administration with role-based access control. Manage users, assign roles, configure feature access, and monitor login activity from a centralized panel.
- User Management — Create, edit, and deactivate user accounts
- Role Assignment — Super Admin, Administrator, SOC Analyst roles
- Feature Access — Granular control over 12+ platform features
- Activity Tracking — Last login timestamps and status monitoring
- MFA Support — Multi-factor authentication tracking
RAG Knowledge Base
Upload security documents, playbooks, and threat reports to create a contextual knowledge base. The AI assistant uses Retrieval-Augmented Generation to provide answers grounded in your organization’s specific documentation.
- Drag & drop upload — Upload PDFs, text files, and documents
- Session-scoped — Documents are tied to chat sessions for context
- Vector embeddings — Automatic chunking and embedding generation
- Contextual answers — AI responses cite relevant document sections
Settings & Preferences
Fine-tune the platform to match your environment. Configure AI models, manage MCP server connections, set up API keys, and customize agent behavior — all from a unified settings panel with 7 configuration tabs.
- Model Configuration — Add custom LLM models with OpenAI-compatible endpoints
- Ollama Integration — Connect to local Ollama servers for private inference
- MCP Servers — Manage security tool connections
- RAG Documents — Configure document processing settings
- Memory Management — Control agent memory and context settings
- Export/Import — Backup and restore platform configuration
MCP Server Integrations
Connect to your security infrastructure through the Model Context Protocol (MCP) — a standardized interface for AI-tool communication.
| MCP Server | Category | Capabilities | Status |
|---|---|---|---|
| Wazuh | SIEM / EDR | Alert retrieval, agent monitoring, rule management, security analytics | Active |
| TheHive | SOAR | Case management, alert correlation, task assignment, evidence tracking | Ready |
| Cortex | Analysis | IOC analysis, malware scanning, threat enrichment, automated response | Ready |
| OpenCTI | Threat Intel | STIX/TAXII feeds, threat actor tracking, indicator management | Ready |
| Velociraptor | Forensics | Endpoint forensics, artifact collection, live response, VQL queries | Ready |
| Playwright | Browser Automation | Security portal interaction, form filling, screenshot capture, monitoring | Active |
| Filesystem | File Operations | Log file access, configuration management, evidence archival | Active |
Workflow Automation
Automate repetitive security tasks with intelligent workflows that chain multiple MCP tools together.
Incident Response
Automated playbooks for alert triage, evidence collection, and containment actions across Wazuh, TheHive, and Cortex.
Threat Hunting
AI-generated hunting queries that run across your SIEM data, enriched with threat intelligence from OpenCTI feeds.
Compliance Reporting
Automatic generation of security compliance reports from live data, formatted for SOC 2, ISO 27001, and NIST frameworks.
Alert Correlation
Intelligent correlation of alerts from multiple sources to identify attack patterns and reduce false positives.
Architecture Overview
Built on a modern dual-server architecture with real-time communication and graceful MCP server management.
│ NGINX HTTPS PROXY (:8443) │
│ SSL Termination · Reverse Proxy · WebSocket Upgrade │
└────────────┬───────────────────────────────────┬────────────┘
│ │
┌─────────┴─────────┐ ┌───────────┴───────────┐
│ React Frontend │ │ FastAPI Backend │
│ Vite + TypeScript │ │ Python 3.11+ │
│ ShadCN/UI + Radix │◄──REST/WS──►│ JWT Auth + SQLite │
│ React Query │ │ LangChain AI │
│ Port :8080 │ │ Port :8081 │
└───────────────────┘ └───────────┬───────────┘
│
┌────────────────────┼────────────────────┐
│ │ │
┌─────────┴──────┐ ┌────────┴────────┐ ┌───────┴───────┐
│ MCP Manager │ │ AI Services │ │ WebSocket │
│ Server Pool │ │ OpenAI/Ollama │ │ MCP Server │
│ Health Checks │ │ RAG Pipeline │ │ Port :3001 │
└────────┬───────┘ └─────────────────┘ └───────────────┘
│
┌──────┬───────┼───────┬────────┬──────────┐
│ │ │ │ │ │
Wazuh TheHive Cortex OpenCTI Velociraptor Playwright
Technology Stack
Frontend
React 18 · TypeScript · Vite
ShadCN/UI · TailwindCSS
React Query · React Router
Backend
FastAPI · Python 3.11+
SQLAlchemy · JWT Auth
WebSockets · AsyncIO
AI / ML
LangChain · OpenAI API
Ollama (local models)
RAG Pipeline · Embeddings
Infrastructure
Nginx HTTPS Proxy
Docker Compose
MCP Protocol · WebSocket
Security
Role-Based Access Control
JWT Token Auth · MFA
Encrypted Communications
Use Cases
SOC Operations
Streamline daily SOC workflows with AI-assisted alert triage, automated evidence collection, and real-time dashboard monitoring.
Incident Investigation
Accelerate forensic analysis by querying multiple security tools simultaneously through natural language conversations.
Executive Reporting
Generate comprehensive security posture reports with live metrics, trend analysis, and compliance status summaries.
Security Training
Use the AI assistant as a knowledge resource for junior analysts, providing guided explanations of security concepts and tool usage.
Ready to Transform Your Security Operations?
AgentiX Cyber brings the power of AI directly into your cybersecurity workflow.
