In recent years, the landscape of software threats has become significantly more dynamic and distributed. Security vulnerabilities are no longer discovered and shared only through formal channels such as public vulnerability databases or vendor advisories. Increasingly, critical threat information emerges informally through blogs, social media, developer forums, open source repositories, and even underground communities. To this end, capturing such intelligence in a timely manner is essential for maintaining situational awareness and enabling prompt security responses. However, this remains a complex challenge due to the fragmented nature of data sources and the technical difficulty of collecting, parsing, mapping, and validating information at scale. To address this, we propose Evolaris, a self-evolving software intelligence system built on a multi-agent framework. Evolaris  is designed to support a full-stack workflow, where agents operate independently but coordinate through shared context to perform tasks such as information discovery, reasoning, gap completion, validation, and risk detection. This architecture enables the platform to learn from new inputs, refine its internal knowledge, and adapt to emerging threat patterns over time, which could continuously improve the precision, timeliness, and scalability of software threat analysis, and offers a sustainable foundation for proactive security decision-making and strengthens the broader ecosystem of security threat understanding.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Evolaris: A Roadmap to Self-evolving Software Intelligence Management

  • Chengwei Liu,
  • Wenbo Guo,
  • Yuxin Zhang,
  • Limin Wang,
  • Sen Chen,
  • Lei Bu,
  • Yang Liu

摘要

In recent years, the landscape of software threats has become significantly more dynamic and distributed. Security vulnerabilities are no longer discovered and shared only through formal channels such as public vulnerability databases or vendor advisories. Increasingly, critical threat information emerges informally through blogs, social media, developer forums, open source repositories, and even underground communities. To this end, capturing such intelligence in a timely manner is essential for maintaining situational awareness and enabling prompt security responses. However, this remains a complex challenge due to the fragmented nature of data sources and the technical difficulty of collecting, parsing, mapping, and validating information at scale. To address this, we propose Evolaris, a self-evolving software intelligence system built on a multi-agent framework. Evolaris  is designed to support a full-stack workflow, where agents operate independently but coordinate through shared context to perform tasks such as information discovery, reasoning, gap completion, validation, and risk detection. This architecture enables the platform to learn from new inputs, refine its internal knowledge, and adapt to emerging threat patterns over time, which could continuously improve the precision, timeliness, and scalability of software threat analysis, and offers a sustainable foundation for proactive security decision-making and strengthens the broader ecosystem of security threat understanding.