English

AgenticCyOps: Securing Multi-Agentic AI Integration in Enterprise Cyber Operations

Cryptography and Security 2026-03-11 v1 Multiagent Systems Software Engineering

Abstract

Multi-agent systems (MAS) powered by LLMs promise adaptive, reasoning-driven enterprise workflows, yet granting agents autonomous control over tools, memory, and communication introduces attack surfaces absent from deterministic pipelines. While current research largely addresses prompt-level exploits and narrow individual vectors, it lacks a holistic architectural model for enterprise-grade security. We introduce AgenticCyOps (Securing Multi-Agentic AI Integration in Enterprise Cyber Operations), a framework built on a systematic decomposition of attack surfaces across component, coordination, and protocol layers, revealing that documented vectors consistently trace back to two integration surfaces: tool orchestration and memory management. Building on this observation, we formalize these integration surfaces as primary trust boundaries and define five defensive principles: authorized interfaces, capability scoping, verified execution, memory integrity & synchronization, and access-controlled data isolation; each aligned with established compliance standards (NIST, ISO 27001, GDPR, EU AI Act). We apply the framework to a Security Operations Center (SOC) workflow, adopting the Model Context Protocol (MCP) as the structural basis, with phase-scoped agents, consensus validation loops, and per-organization memory boundaries. Coverage analysis, attack path tracing, and trust boundary assessment confirm that the design addresses the documented attack vectors with defense-in-depth, intercepts three of four representative attack chains within the first two steps, and reduces exploitable trust boundaries by a minimum of 72% compared to a flat MAS, positioning AgenticCyOps as a foundation for securing enterprise-grade integration.

Keywords

Cite

@article{arxiv.2603.09134,
  title  = {AgenticCyOps: Securing Multi-Agentic AI Integration in Enterprise Cyber Operations},
  author = {Shaswata Mitra and Raj Patel and Sudip Mittal and Md Rayhanur Rahman and Shahram Rahimi},
  journal= {arXiv preprint arXiv:2603.09134},
  year   = {2026}
}

Comments

17 pages, 4 figures, 5 tables

R2 v1 2026-07-01T11:11:35.255Z