Inspiration
Modern cybersecurity tools usually depend on a single scanning engine that performs vulnerability detection and generates reports in one pipeline. While exploring existing tools and workflows, we realized that most systems lack specialized intelligence across different stages of security analysis.
That led us to a simple but powerful idea: Instead of one AI agent doing everything, why not create a role-based multi-agent cybersecurity system where every agent specializes in a different responsibility?
This became the foundation of Sentinel.
We designed Sentinel as an orchestrated multi-agent AI platform where each agent behaves like a member of a real security team. One agent scans the project, another simulates how an attacker could exploit vulnerabilities, and another analyzes the collected threat data to generate accurate fixes and security recommendations. The goal was to create a system that feels less like a static scanner and more like an autonomous cybersecurity workflow powered by coordinated AI intelligence.
What it does
Sentinel is a multi-agent AI cybersecurity platform that automates vulnerability detection, attack simulation, threat analysis, and remediation planning.
The system works through a sequential AI workflow:
- The Scanner Agent analyzes the entire project and detects vulnerabilities such as SQL Injection, XSS, insecure authentication patterns, and dangerous execution flows.
- The Attack Simulation Agent studies the detected vulnerabilities and simulates how a real attacker could exploit them using realistic attack paths and MITRE ATT&CK mappings.
- The Threat Analysis Agent converts the generated findings into structured JSON-based intelligence and analyzes the severity, exploitability, and overall security impact.
- The Patch Generation Agent generates code-level remediation suggestions and security fixes for detected vulnerabilities.
- The Report Agent compiles all findings into a comprehensive security report with risk scoring, recommendations, and remediation timelines.
The entire system is orchestrated through one centralized LLM powering multiple specialized AI agents.
How we built it
We built Sentinel using a full-stack architecture combining AI orchestration, asynchronous backend systems, and a modern frontend dashboard.
The frontend was developed using Next.js and TypeScript to create a real-time cybersecurity dashboard capable of displaying:
- scan progress
- vulnerability findings
- attack simulations
- generated reports
- patch recommendations
The backend was developed using FastAPI with asynchronous APIs and SQLAlchemy for scalable orchestration and database communication. At the core of the project is a custom multi-agent orchestration framework where multiple specialized agents execute sequentially through a centralized workflow engine. Instead of running multiple AI models independently, we designed the system around one centralized LLM that powers all agents through different system prompts and contextual workflows. This improved consistency, reduced token overhead, and made the architecture more scalable.
The project also integrates:
- CWE mappings
- OWASP vulnerability classification
- MITRE ATT&CK techniques
- PostgreSQL/SQLite databases
- JWT authentication
- Docker-based deployment support
Challenges we ran into
One of the biggest challenges was setting up the multi-agent orchestration system itself. Coordinating multiple agents while maintaining context and proper execution flow required careful architecture planning.
Another major challenge was integrating the frontend and backend systems. Since the frontend dashboard and AI orchestration pipeline were initially built independently, connecting them into one seamless workflow required multiple iterations and restructuring.
Product design was also a challenge. We wanted Sentinel to feel like a modern cybersecurity platform instead of just another technical prototype. Designing dashboards, workflows, and user interactions while maintaining technical depth took significant effort during development. Managing structured JSON-based data communication between agents was another difficult part, especially while passing vulnerability findings between scanning, attack simulation, and patch generation stages.
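One way to harden the JSON hand-off between the scanning stage and the stages that consume its findings is to validate each reply against a strict schema and forward only the re-serialized result. This is an added example, not Sentinel's own code; the field names, severity values, length limits and sample replies are assumptions made for illustration.

```python
import json
import re
from dataclasses import dataclass, asdict

SEVERITIES = ("low", "medium", "high", "critical")   # assumed severity scale
CWE_RE = re.compile(r"CWE-\d{1,4}")
FIELDS = {"cwe": str, "severity": str, "file": str, "line": int, "title": str}

@dataclass(frozen=True)
class Finding:
    cwe: str
    severity: str
    file: str
    line: int
    title: str

def parse_findings(raw: str) -> list:
    """Validate a scanner-stage reply; raise ValueError on any deviation."""
    try:
        data = json.loads(raw)
    except json.JSONDecodeError as exc:
        raise ValueError("agent output is not valid JSON") from exc
    if not isinstance(data, list):
        raise ValueError("expected a JSON array of findings")
    out = []
    for i, item in enumerate(data):
        if not isinstance(item, dict) or set(item) != set(FIELDS):
            raise ValueError(f"finding {i}: missing or unexpected keys")
        for key, typ in FIELDS.items():
            # Exact type match: bool is a subclass of int and must not pass as a line number.
            if type(item[key]) is not typ:
                raise ValueError(f"finding {i}: {key} must be {typ.__name__}")
        if not CWE_RE.fullmatch(item["cwe"]):
            raise ValueError(f"finding {i}: malformed CWE id")
        if item["severity"] not in SEVERITIES:
            raise ValueError(f"finding {i}: unknown severity")
        if item["line"] < 1 or len(item["title"]) > 200:
            raise ValueError(f"finding {i}: line or title out of range")
        out.append(Finding(**item))
    return out

def hand_off(raw: str) -> str:
    """Re-serialize validated findings so the next agent never receives raw model text."""
    return json.dumps([asdict(f) for f in parse_findings(raw)], sort_keys=True)

# Constructed sample replies standing in for the scanner agent's LLM output.
GOOD = '[{"cwe": "CWE-89", "severity": "high", "file": "app/db.py", "line": 42, "title": "SQL built by string concatenation"}]'
BAD = 'Here are the findings:\n[{"cwe": "CWE-79", "severity": "urgent"}]'
```

A reply that fails validation should stop the pipeline or trigger a retry of that stage rather than being passed downstream.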
Accomplishments that we're proud of
We are proud of successfully building a fully functional multi-agent cybersecurity workflow powered by a centralized LLM architecture.
Some accomplishments include:
- Designing a sequential multi-agent orchestration system
- Building role-based AI agents with specialized responsibilities
- Creating realistic attack simulation workflows
- Implementing structured threat analysis pipelines
- Generating contextual remediation patches
- Developing a modern real-time cybersecurity dashboard
- Creating a scalable architecture ready for future production deployment
One of the biggest achievements was proving that one centralized LLM can successfully orchestrate multiple specialized AI workflows efficiently.
What we learned
Through Sentinel, we learned how scalable multi-agent AI systems can outperform traditional single-agent workflows when responsibilities are properly distributed.
We gained practical experience in:
- AI orchestration architecture
- Role-based agent workflows
- Backend and frontend integration
- Structured threat analysis pipelines
- Security-focused product design
- Real-time workflow coordination
Most importantly, we learned that effective AI systems are not only about model intelligence, but also about how intelligently multiple components collaborate together.
What's next for Sentinelos
Our next goal is to evolve Sentinel into a more advanced autonomous cybersecurity platform with deeper AI reasoning and production-scale capabilities.
Future plans include:
- integrating real LLM providers such as GPT-4 and Claude
- adding CI/CD security pipeline integration
- enabling automated patch application with rollback systems
- introducing real-time collaboration for security teams
- adding historical vulnerability analytics
- supporting compliance frameworks such as SOC 2 and ISO 27001
- integrating cloud infrastructure scanning
- implementing WebSocket-based real-time orchestration monitoring
We also plan to expand Sentinel beyond code analysis into a complete AI-driven security operations ecosystem.
Built With
- asyncio
- css
- fastapi
- git
- mitre
- next.js
- openai
- orchestration
- owasp
- pydantic
- python
- redis
- rest
- sqlalchemy
- sqlite
- swagger
- tailwind
- typescript
- webpack