Your AI agent is only as smart as what it can see
Kaveh Azarhoosh
Community & Research Lead
Your AI agent is only as smart as what it can see
AI agents are everywhere in security operations now. They correlate indicators, draft reports, triage alerts. Ask one what infrastructure sits behind a suspicious domain, though, and you get nothing useful. Not because the model is limited. Not because the data is hidden. The data is out there. The agent just has no way to make sense of it.
The bottleneck in AI-driven security is not reasoning. It's context.
The context gap
LLMs reason well over information they can actually parse. The raw material of infrastructure investigation is technically public: DNS records, BGP routing tables, WHOIS registrations, certificate transparency logs, IP attribution, ASN reputation. Any analyst can get to it. Assembling it is its own job, though, because it lives across dozens of sources in dozens of formats, and nothing is correlated. An IP address in one database does not know it is related to a certificate in another, which does not know it is related to a routing announcement in a third. Feed that to an agent as a pile of disconnected lookups and it reasons in a vacuum. It can summarise what you hand it. It cannot see the relationships that turn lookups into an investigation.
Security teams paper over this manually. They paste data into prompts, attach spreadsheets, spell out in prompt engineering how one data point connects to another. That works for simple queries. It falls apart the moment an investigation requires correlating across layers of infrastructure, because now the analyst is encoding a whole graph in their head and transcribing fragments of it into the prompt.
Context, not access, is what separates an agent that summarises from an agent that investigates. And good context is structured (extensive, interconnected, correlated), not just a longer list of isolated facts.
Why MCP matters
Model Context Protocol is an open standard that lets AI agents call external data sources in real time. Instead of a human pasting pre-curated data into a prompt, the agent queries a service directly and gets structured results back mid-conversation. The word that matters there is structured. MCP is not just a pipe for more data. It is a way to deliver complex, correlated structures (like a knowledge graph) to an agent efficiently and without loss of shape.
That is the shift. The agent stops being a summarisation tool and starts participating in the investigation, because the context it needs is finally in a form it can reason over.
What this looks like in practice
A security analyst asks their AI agent: "What would break if Cloudflare went down?" The agent connects to Whisper's MCP server, queries the graph, and gets structured results back in milliseconds. Thousands of routing prefixes. Millions of affected IPs. The hostnames depending on them, which ones appear on the analyst's watchlist, how the risk distributes across geographies. All correlated across multiple layers of infrastructure. The agent writes the assessment. The analyst reviews it.
Without that connection, the same question means manually querying BGP tables, cross-referencing DNS records, checking IP registrations, and hand-correlating everything across multiple tools. That takes hours if it happens at all. Usually the question just does not get asked.
Whisper: the context layer for internet infrastructure
This is where Whisper fits. WhisperGraph is an interconnected map of the routable internet: 3.7 billion nodes and 39 billion edges linking domains, IPs, ASNs, DNS, routing, certificates, and ownership. Every node knows its neighbours. That is the context AI agents have been missing. Not more data. Data whose relationships are already resolved.
Whisper ships with built-in MCP support. Any MCP-compatible agent gets direct access to WhisperGraph with one config change and under a minute of setup. From there, the agent pulls infrastructure context the same way it pulls any other tool call, except what comes back is a correlated slice of the graph rather than a flat list of lookups.
The point is not to take work away from analysts. It is to let them ask bigger questions. Running the blast-radius query before an incident instead of reconstructing it after. Mapping an attacker's infrastructure in the same session the first indicator came in. Doing the investigations that usually get skipped because the correlation work is too expensive. Every AI agent in the stack starts from the same structured picture of the internet, so the humans reviewing the output know the reasoning was built on real context and not on improvised fragments.
Whisper's MCP server is live at mcp.whisper.security. Poke around in the Console at console.whisper.security, or follow the setup guide at whisper.security/docs/mcp-guide.
