Cybersecurity Research Assistant with LangGraph Integration

LangGraph Docs

An advanced project for a cybersecurity research assistant utilizing Python, LangGraph, and various agents for comprehensive threat analysis and reporting.

Project Overview

This project showcases a sophisticated cybersecurity research assistant capable of gathering, analyzing, and summarizing information on vulnerabilities, ransomware, and cyber security events. It integrates multiple agents for specialized tasks, leveraging LangGraph for managing complex workflows and OpenAI's GPT models for natural language processing.

Key features:

• Multi-agent architecture for diverse cybersecurity tasks
• Real-time data gathering and analysis
• Natural language understanding and generation with OpenAI GPT models
• Comprehensive reporting capabilities
• Customizable parameters for different research scenarios

Prerequisites

• Python 3.12+
• uv (An extremely fast Python package and project manager, written in Rust.)
• LangGraph CLI (optional, for easy environment setup)

Installation

1. Clone the repository:

   git clone [email protected]:shivadharmi/cybersecurity-research-assistant.git
   cd cybersecurity-research-assistant

Setting Up uv and ruff

1. Install uv:

   • For macOS and Linux:

   curl -LsSf https://astral.sh/uv/install.sh | sh

   • For Windows:

   powershell -ExecutionPolicy ByPass -c "irm https://astral.sh/uv/install.ps1 | iex"

2. Set up a virtual environment:

   uv venv --python 3.12.0
   source .venv/bin/activate  # On Windows, use `.venv\Scripts\activate`

3. Install ruff as a development dependency:

   uv add --dev ruff

4. Install pre-commit and configure the hook:

   uv add --dev pre-commit
   pre-commit install

5. Install dependencies:

   uv add -r requirements.txt

6. Run pre-commit on all files:

   pre-commit run --all-files

Environment Setup

1. Copy the example environment file:

   cp ./env/.env.example ./env/.env

2. Edit .env.local and fill in the required values:

   • OPENAI_API_KEY
   • TAVILY_API_KEY
   • Any other necessary API keys for external services

Running the Research Assistant

Start the cybersecurity research assistant by executing the main.py script with the desired agent and optional parameters. Here’s how to run it:

python main.py <agent> [--month <month>] [--year <year>]

Arguments

• <agent>: Specify which agent to run. Choices include:

  • vulnerability: Analyze vulnerabilities.
  • ransomware: Analyze ransomware threats.
  • events: Analyze cyber security events.
  • cisa: Get CISA-related information.
  • full: Generate a comprehensive report.

• --month <month>: (Optional) Specify the month to analyze (default is September).

• --year <year>: (Optional) Specify the year to analyze (default is 2024).

Example Usage

To run the vulnerability agent for September 2024:

python main.py vulnerability --month September --year 2024

To run the full report for October 2023:

python main.py full --month October --year 2023

Roadmap

• Weekly Reports: Implement functionality to generate weekly cybersecurity reports in addition to the existing monthly reports. This will allow for more frequent updates and timely insights into cybersecurity threats and vulnerabilities.
• Daily Reports: Explore the possibility of generating daily cybersecurity reports to provide real-time insights and updates on emerging threats and vulnerabilities.