Application and development of large-scale multi-agent models in network security

Written by
Audrey Miles
Updated on: June-20th-2025

The future of cybersecurity has arrived, and AI multi-agent collaboration technology is reshaping the industry landscape.

Core content:
1. Technical comparison and complementarity between Anthropic MCP and Google A2A protocol
2. Impact and trend of multi-agent collaboration on cybersecurity operations
3. Analysis of challenges and new security risks

Yang Fangxian
Founder of 53A/Most Valuable Expert of Tencent Cloud (TVP)

 

Key Points

  • Anthropic MCP and Google A2A protocols represent two key directions for AI applications to move from single intelligence to group collaboration. Each solves different levels of collaboration problems.
  • Global network security vendors have begun to explore and deploy multi-agent collaborative systems based on MCP/A2A to improve threat detection, analysis and response capabilities.
  • Gartner, Forrester and other consulting firms predict that MCP/A2A protocols will be the core of intelligent security operations in the next 3-5 years and will drive SOAR and SOC to develop in a more automated direction.
  • Multi-agent collaboration faces challenges such as insufficient data standardization and protocol complexity, and also brings new security risks such as "tool poisoning".

With the rapid development of artificial intelligence technology, the application of large language models (LLMs) is evolving from single-agent systems to multi-agent collaborative systems. In the field of network security, this trend is particularly evident, mainly reflected in the application and development of two major technical routes: Anthropic's Model Context Protocol (MCP) and Google's Agent2Agent Protocol (A2A).

Based on the latest research results and industry practices, this article conducts an in-depth analysis of the application of MCP and A2A protocols in the field of network security, explores the latest concepts, views, predictions and plans of global network security vendors and consulting companies in multi-agent applications, and provides security practitioners with cutting-edge perspectives and practical references.

MCP and A2A protocols: technical foundation and architecture comparison

Anthropic MCP

Model Context Protocol

  • Standardized model connections to external tools/data sources (vertical integration)
  • Bidirectional communication mechanism based on JSON-RPC 2.0
  • Provides security mechanisms such as sandbox isolation, permission control and operation logs
  • Equivalent to the "USB-C interface" of AI, solving the last mile connection problem

Google A2A

Agent2Agent Protocol

  • Facilitates communication and collaboration among multiple agents (horizontal integration)
  • Capability declaration and task lifecycle management based on Agent Card
  • Supports multi-modal communication and integrates OAuth2.0 enterprise-level identity authentication
  • Equivalent to the "social protocol" of AI, building social rules for intelligent agents

Complementarity of the two protocols

Although MCP and A2A focus on different things, they are highly complementary in practical applications: MCP solves the problem of connecting a single agent with the outside world, while A2A solves the problem of collaboration between multiple agents. In network security scenarios, MCP can be used for agents to obtain security data and call security tools, while A2A is used to coordinate different agents to complete complex security tasks.

| Characteristic | Anthropic MCP | Google A2A |
| --- | --- | --- |
| Core Goals | Standardize model interactions with external tools/APIs | Realize task collaboration and state synchronization among multiple agents |
| Technical Architecture | Client-Server Architecture | Agent Card and Task Management System |
| Communication Protocol | JSON-RPC 2.0 | HTTP/SSE/JSON-RPC |
| Security Mechanism | Sandbox isolation, permission control, operation log | OAuth2.0 authentication, service discovery security |
| Development Trend | Multimodal extension, service discovery automation | Enhanced task scheduling and multi-agent decision-making collaboration |

Expert opinion

"MCP and A2A represent two key development directions for the application of big models. MCP solves the problem of 'how AI uses tools', while A2A solves the problem of 'how AI collaborates with other AI'. In the field of cybersecurity, the combination of the two will greatly enhance threat detection and response capabilities, and promote the security operation center from manual dominance to human-machine collaboration, and ultimately to a highly automated direction."

— Gartner, Technology Trends 2025: Emerging Technologies, April 2025

Multi-agent Practices of Global Cybersecurity Vendors

Application cases of international leading manufacturers

Microsoft

  • Security Copilot launches dedicated security agents to autonomously handle phishing, identity management and other tasks
  • The Sentinel platform supports preliminary A2A functionality to close the loop on threat response

CrowdStrike

  • Falcon SIEM supports multi-agent dynamic collaborative analysis through A2A
  • Applies multiple self-learning AI agents to ensure the security of AI-generated code

Palo Alto Networks

  • Experiments with an MCP-based agent orchestration system that integrates the XDR platform
  • Emphasizes AI Runtime Security to address agent security risks

China's network security vendor layout

Venusstar

Encapsulates security capabilities through the MCP protocol and connects with large models such as DeepSeek; proposed the "large model application security" track, focusing on highly sensitive scenarios.

Application stage: Early application

Qi Anxin

The "Xiejing" AI+ security graph accesses threat intelligence, EDR and other data, embodying MCP's data standardization concept and enhancing threat detection and analysis capabilities.

Application stage: Concept realization

Convinced

Establishes a data linkage architecture, integrates Defender XDR and SIEM logs, and implements cross-platform analysis and natural language interaction. MCP is not explicitly mentioned, but the architecture is consistent with the concept.

Application stage: Exploration stage

Microstep Online

The XGPT DeepSeek version uses multi-agent collaboration in threat assessment and analysis scenarios to enhance threat intelligence analysis and early warning effects.

Application stage: Experimental application

Practical application scenarios of multi-agents in the security field

Threat Detection and Response Automation

Multi-agent collaboration mode: log analysis agent → threat assessment agent → response agent → document agent

  • CrowdStrike Falcon SIEM supports automated collaboration between log analysts and threat response agents via A2A
  • Forrester report suggests such collaboration can improve threat response efficiency by more than 40%

Security knowledge integration and decision support

Through the MCP protocol, access to threat intelligence, vulnerability databases, and asset information is standardized to form a collaborative decision-making system.

  • Microsoft Security Copilot integrates specific security models to provide context-aware decision support
  • Wiz’s AI Security Co-pilot applies multi-agent principles for cloud security analysis

Actual case: CrowdStrike's multi-self-learning AI agent security system

The multi-self-learning AI agent system demonstrated by CrowdStrike in early 2025 focuses on ensuring the security of AI-generated code and represents an innovative application of multi-agent collaboration in the security field.

Source: CrowdStrike Blog, January 2025

| Manufacturer | MCP/A2A related practices | Application Phase | Technical features |
| --- | --- | --- | --- |
| Microsoft | Security Copilot introduces multi-agent, Sentinel platform supports A2A function | Product Launch | A closed-loop threat response is achieved by integrating GPT-4 with security-specific models |
| IBM | QRadar integrates MCP to achieve standardized connection with external data sources | Partial Integration | Enhanced threat intelligence integration efficiency |
| Venusstar | Through MCP encapsulation security capabilities, support for docking with DeepSeek and other tools | Early Applications | Propose the "Large Model Application Security" track, focusing on highly sensitive scenarios |
| Qi Anxin | "Xiejing" AI security map accesses threat intelligence, EDR and other data | Concept Implementation | Embodying the data standardization concept of the MCP protocol |
| Microstep Online | XGPT DeepSeek | Experimental Application | Multi-agent collaboration for threat assessment and analysis scenarios |

Consulting agency views and market forecasts

Gartner

  • MCP/A2A is listed as an "emerging technology" and is expected to become the core of intelligent security operations within 3-5 years
  • It is expected that by 2028, 70% of SOAR platforms will integrate MCP protocols
  • Predicts the evolution of the SOC into an “Autonomous Security Hub”

Source: Gartner, Technology Trends 2025: Emerging Technologies, April 2025

Forrester

  • The A2A protocol can reduce the reliance on manpower for security operations and improve threat response efficiency by more than 40%
  • Warns that insufficient standardization may lead to new threats such as "tool poisoning"
  • By the end of 2025, 25% of enterprise SOCs will deploy multi-agent-based analytics systems

Source: Forrester, "The Forrester Wave™: AI For Security, Q3 2024"

IDC

  • MCP and A2A will become key indicators for evaluating next-generation security platforms
  • Predicts that by 2026, multi-agent security collaboration will become a core component of enterprise security architecture
  • The integration of SOAR and large-scale multi-agent collaboration will reshape the security operation center

Source: IDC, Future of Trust: AI Security and Governance, Q1 2025

MCP/A2A-driven cybersecurity transformation trends

SOC Evolution Path

2023-2024: Traditional SOC + large model assistance

The large model is used as an auxiliary tool, mainly for knowledge integration and simple analysis.

2025-2026: MCP-driven enhanced SOC

Improve threat detection and analysis capabilities by integrating security data sources through MCP standardization

2027-2028: A2A-driven collaborative SOC

Multiple security agents work together to automatically handle most threat response processes

2029+: Autonomous Security Hub

A highly autonomous multi-agent system where humans only provide strategic guidance and make key decisions

SOAR platform development trends

SOAR platform adoption of MCP/A2A protocols will reshape security automation processes

Data source: Gartner forecast and IDC market research

Market Forecast Key Data

  • 70% of SOAR platforms will integrate MCP protocols by 2028
  • 25% of enterprise SOCs will deploy multi-agent analytics by the end of 2025
  • 60% of manual security work will be replaced by multi-agent systems (by 2028)

Technical challenges and development opportunities

Technical Challenges

Protocol complexity

Intelligent agents need to understand unstructured tasks such as dynamic service discovery and multi-round interactions, which places higher demands on model capabilities.

Collaboration semantics

The problem of information redundancy and conflict between agents needs to be solved. How to effectively coordinate the collaboration of multiple agents remains a challenge.

Security Risks

Insufficient standardization may lead to new threats such as "tool poisoning", and because intelligent agents operate external systems directly, permission control must be strengthened.
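
One way to enforce the permission control and operation logging mentioned above is a gate in front of the tool server that checks each JSON-RPC 2.0 `tools/call` request against a per-role allowlist. This is an added example, not code from the article or from any vendor it names; the role names, tool names, sample request and the -32001 error code are assumptions.

```python
import json
import time

# Assumed least-privilege policy: each agent role in the pipeline may call
# only the tools listed here. Role and tool names are constructed.
POLICY = {
    "log-analysis": {"siem.search"},
    "threat-assessment": {"siem.search", "intel.lookup"},
    "response": {"edr.isolate_host"},
    "documentation": {"ticket.create"},
}
AUDIT_LOG = []  # in-memory operation log; production would forward to a SIEM

# Constructed sample: a request to isolate a host via an assumed EDR tool.
SAMPLE = json.dumps({"jsonrpc": "2.0", "id": 7, "method": "tools/call",
                     "params": {"name": "edr.isolate_host",
                                "arguments": {"host": "ws-042"}}})


def _error(req_id, code, message):
    return {"jsonrpc": "2.0", "id": req_id,
            "error": {"code": code, "message": message}}


def authorize(role, raw_request):
    """Check one tools/call request against the role's allowlist.
    Returns (allowed, response); response is None when the call may be
    forwarded, otherwise a JSON-RPC 2.0 error object.
    """
    try:
        req = json.loads(raw_request)
    except json.JSONDecodeError:
        return False, _error(None, -32700, "Parse error")
    if not isinstance(req, dict) or req.get("jsonrpc") != "2.0":
        return False, _error(None, -32600, "Invalid Request")
    req_id = req.get("id")
    if req.get("method") != "tools/call":  # this gate handles tool calls only
        return False, _error(req_id, -32601, "Method not found")
    params = req.get("params")
    tool = params.get("name") if isinstance(params, dict) else None
    if not isinstance(tool, str):
        return False, _error(req_id, -32602, "Invalid params")
    allowed = tool in POLICY.get(role, set())
    # Log every decision, allowed or denied, so denials can be audited.
    AUDIT_LOG.append({"ts": time.time(), "role": role, "tool": tool,
                      "decision": "allow" if allowed else "deny"})
    if not allowed:  # -32001: implementation-defined server error (assumed)
        return False, _error(req_id, -32001, "Tool not permitted for role")
    return True, None
```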

Ecosystem fragmentation

Tech giants may fork the protocol into proprietary versions, leading to ecosystem fragmentation and new technical barriers.

Development opportunities

Standardization and Ecosystem Construction

Organizations such as NIST and ISO are studying multi-agent collaboration framework standards, and open source ecosystems such as LangChain and AutoGen provide collaborative implementation solutions.

Hierarchical Architecture

MCP as the underlying tool interface and A2A as the high-level collaboration framework are forming a complementary ecosystem, each focusing on different levels of intelligent collaboration issues.

Capacity Development

MCP expands to multi-modality, and A2A strengthens task orchestration capabilities. The coordinated development of the two will support more complex security decision-making processes

Industrialization Path

Mainstream security vendors are incorporating intelligent collaboration capabilities into their 2025-2026 product plans, with XDR and SOAR products becoming the primary integration targets

Strategic Recommendations

Recommendations for security vendors

  • Incorporate multi-agent collaboration into the 2025-2026 product roadmap, especially XDR and SOAR products
  • Pay attention to and participate in open source projects such as LangChain and AutoGen to accumulate practical experience
  • Consider new security risks simultaneously and design protective measures in advance
  • Actively follow the standardization process of organizations such as NIST and ISO and participate in ecosystem building

Recommendations for Enterprise Users

  • Consider multi-agent collaboration as an important factor in selecting next-generation security platforms
  • Prioritize pilot applications in threat detection and response, knowledge management, and other scenarios
  • Develop security strategies for intelligent collaboration, especially permission control and monitoring audit
  • Build team skills in AI safety and prepare to work with intelligent systems

Conclusion and Outlook

Anthropic MCP and Google A2A represent two key directions for AI applications to move from single intelligence to group collaboration. MCP is committed to solving the "last mile" problem of interaction between models and real-world tools, while A2A focuses on building "social rules" for efficient collaboration between intelligent agents.

At present, the application of these protocols in the field of network security is still in its early stages. The concept behind MCP (data/tool standardization) has penetrated relatively quickly, especially in data integration and capability invocation on security operation platforms. A2A has few direct applications, but its multi-agent collaboration concept is driving SOAR, automated response and other fields to develop in a smarter and more autonomous direction.

In the next 3-5 years, with the standardization of protocols, the maturity of the open source ecosystem, and the improvement of large model capabilities, MCP and A2A (or their evolutionary forms) are expected to be deeply integrated into security products and services, significantly changing the mode of threat detection, analysis, response and overall security operations, and promoting the industry to evolve towards a new paradigm of "autonomous defense" and "human-machine collaboration". Enterprises and manufacturers need to pay active attention and make timely arrangements to seize the opportunities brought by this technological change and meet its challenges.