Probabilistic Forecasting Engine for Proactive Cyber Defense
ThreatGraph is a locally hosted, AI-assisted cyber simulation platform that models attack paths, simulates adversary behavior, and estimates breach probability using swarm-style Red vs. Blue team reasoning.
For educational, defensive, and authorized security testing only.
Do not point the simulation at any infrastructure you do not explicitly own, operate, or have written permission to assess.
This project is designed for defensive threat modeling, attack path analysis, and cyber resilience experimentation.
Interactive dashboard showing adversary selection, active defenses, target modeling, and live simulation telemetry.
ThreatGraph combines:
- GraphRAG-style topology extraction
- Knowledge graph modeling with Neo4j
- Multi-agent Red Team / Blue Team simulation
- Adversary playbook selection
- Attack path correlation
- Probabilistic breach forecasting
- Live dashboard telemetry
Instead of treating security as a checklist, ThreatGraph attempts to answer:
“Given this architecture, these defenses, and this threat actor — how likely is a meaningful breach path?”
Traditional scanners answer:
- “What vulnerabilities exist?”
ThreatGraph aims to answer:
- Which attack paths are actually plausible?
- Which controls meaningfully reduce breach probability?
- How would a specific threat actor chain weaknesses together?
- What happens when multiple agents explore the topology in parallel?
This makes the project useful for:
- proactive cyber defense
- threat modeling
- attack path analysis
- security architecture reviews
- tabletop simulation concepts
- AI-assisted adversary emulation (defensive context)
```text
         ┌─────────────────────────────┐
         │  Target Domain / Infra URL  │
         └──────────────┬──────────────┘
                        │
                        ▼
         ┌─────────────────────────────┐
         │ GraphRAG / Topology Ingest  │
         │ Public Infra + Tech Signals │
         └──────────────┬──────────────┘
                        │
                        ▼
         ┌─────────────────────────────┐
         │ Neo4j Knowledge Graph       │
         │ Hosts • Services • Controls │
         │ Paths • Weaknesses • Assets │
         └──────────────┬──────────────┘
                        │
                        ▼
   ┌─────────────────────────────────────────┐
   │   Multi-Agent Simulation Orchestrator   │
   │   CrewAI Red / Blue Parallel Reasoning  │
   └───────┬─────────────────────────┬───────┘
           │                         │
           ▼                         ▼
┌──────────────────────┐ ┌──────────────────────┐
│ Red Team Agents      │ │ Blue Team Agents     │
│ Attack path search   │ │ Defensive response   │
│ TTP chaining         │ │ Control evaluation   │
└──────────┬───────────┘ └───────────┬──────────┘
           └────────────┬────────────┘
                        ▼
         ┌─────────────────────────────┐
         │ Breach Probability Engine   │
         │ Risk Score + Path Evidence  │
         └──────────────┬──────────────┘
                        ▼
         ┌─────────────────────────────┐
         │ Vue Dashboard + Telemetry   │
         │ Logs • Score • Simulation   │
         └─────────────────────────────┘
```
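To make the "which controls meaningfully reduce breach probability?" question concrete, here is an added illustration that is not taken from ThreatGraph's code and does not describe how its engine is implemented. It computes the exact probability that at least one attack path reaches the target in a small topology, then ranks controls by how much each lowers that probability. The topology, step probabilities, control names and reduction factors are all constructed assumptions, and attack steps are assumed to succeed independently.

```python
from itertools import product

# Constructed toy topology: attack step (source, target) -> base success probability.
EDGES = {
    ("internet", "web"): 0.6, ("internet", "vpn"): 0.3,
    ("web", "app"): 0.5, ("vpn", "app"): 0.7,
    ("app", "db"): 0.4, ("web", "db"): 0.1,
}
# Hypothetical controls: each scales the success probability of the steps it covers.
CONTROLS = {
    "waf": {("internet", "web"): 0.5},
    "mfa": {("internet", "vpn"): 0.2},
    "segmentation": {("app", "db"): 0.5, ("web", "db"): 0.5},
}

def edge_probs(active):
    probs = dict(EDGES)
    for name in active:
        for edge, factor in CONTROLS[name].items():
            probs[edge] *= factor
    return probs

def reachable(open_edges, src, dst):
    """Directed search: is dst reachable from src over the open edges?"""
    seen, frontier = {src}, [src]
    while frontier:
        node = frontier.pop()
        nxt = [t for s, t in open_edges if s == node and t not in seen]
        seen.update(nxt)
        frontier.extend(nxt)
    return dst in seen

def breach_probability(active=(), src="internet", dst="db"):
    """Exact P(at least one src->dst path succeeds), assuming independent steps."""
    probs = edge_probs(active)
    total = 0.0
    for states in product([True, False], repeat=len(probs)):
        weight = 1.0
        for p, up in zip(probs.values(), states):
            weight *= p if up else 1 - p
        open_edges = [e for e, up in zip(probs, states) if up]
        if reachable(open_edges, src, dst):
            total += weight
    return total

def rank_controls():
    """Controls ordered by how much each one alone lowers breach probability."""
    base = breach_probability()
    return sorted(((base - breach_probability([c]), c) for c in CONTROLS), reverse=True)
```

Enumerating every edge state is exact but grows as 2^n in the number of attack steps, so it only suits small graphs; larger topologies would need sampling or path-based bounds.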
