System Architecture

Deep technical breakdown of SecPhi's multi-agent AI vulnerability analysis platform

High-Level Architecture

👥

Users

Security Teams

→

🖥️

Frontend

Next.js 14

→

⚡

API Layer

Edge Functions

→

🧠

AI Engine

Multi-Agent

→

🗄️

Data Sources

NVD, CISA, OSV

Multi-Model LLM Orchestration

📥

CVE Analysis Request

User triggers analysis

↓

🔀

Intelligent Router

Routes to best available model with fallback

↓↓↓

🔷

Gemini Flash

Primary • Fast

🟢

GPT-4o Mini

Fallback 1

🟠

Claude Haiku

Fallback 2

↓↓↓

🤝

Multi-Agent Consensus

Scanner, Scorer, Exploit, Patch agents reach agreement

↓

✅

Validated Analysis

Severity rating with confidence scores

Data Processing Pipeline

📥

Input

User enters CVE ID or tech stack

CVE IDPackage List

→

🔍

Fetch

Query NVD API for CVE data

NVD APIREST

→

🏛️

Enrich

Check CISA KEV status

CISA KEVJSON

→

📊

Score

Calculate confidence from sources

Weighted AvgCVSS

→

🧠

Analyze

Multi-agent AI analysis

GeminiGPTClaude

→

📋

Output

Render results with visualizations

ReactCharts

Screen Components & Connections

01CVEWatch

Real-time vulnerability scanning and analysis

NVDAIKEV

Click for detailed architecture →

02Agent Debate

Multi-agent AI security assessment

ClaudeGPTGemini

Click for detailed architecture →

03Attack Path

Exploitation chain visualization

AIMITRE

Click for detailed architecture →

04Confidence

Weighted scoring from multiple sources

NVDCISAOSV

Click for detailed architecture →

05LLM Orchestration

Multi-provider AI with failover

GeminiGPTClaude

Click for detailed architecture →

06Data Pipeline

Real-time vulnerability data aggregation

NVDAPIKEV

Click for detailed architecture →

07StackScan

Dependency vulnerability detection

OSVGitHubAI

Click for detailed architecture →

08Reports

PDF report generation and export

PDFAPI

Click for detailed architecture →

External API Sources

🤖

AI Models

🔷

Google Gemini

Primary LLM

🟢

OpenAI GPT

Fallback LLM

🟠

Anthropic Claude

Fallback LLM

🛡️

Security Data

🏛️

NVD Database

CVE data source

⚠️

CISA KEV

Exploit catalog

📦

OSV Database

Package vulns

💻

GitHub Advisory

Code vulns

☁️

Infrastructure

▲

Vercel

Hosting & Edge

⚡

Next.js 14

App Framework

🎨

Tailwind CSS

Styling

Multi-Agent Analysis System

🔍

Scanner Agent

Detection

Identifies vulnerabilities in code, configs, and dependencies

📊

Scorer Agent

Risk Assessment

Calculates risk scores using CVSS, EPSS, and context

⚡

Exploit Agent

Threat Intel

Analyzes exploitation likelihood and attack surface

🔧

Patch Agent

Remediation

Recommends fixes, patches, and mitigation strategies

SecPhi Architecture Documentation • Version 1.0