{"id":57766,"date":"2026-05-18T08:46:40","date_gmt":"2026-05-18T06:46:40","guid":{"rendered":"https:\/\/www.nae.fr\/2026\/05\/18\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\/"},"modified":"2026-05-18T08:46:40","modified_gmt":"2026-05-18T06:46:40","slug":"stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense","status":"publish","type":"post","link":"https:\/\/www.nae.fr\/en\/2026\/05\/18\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\/","title":{"rendered":"Stable Agentic Control: Tool-Mediated LLM Architecture for Autonomous Cyber Defense"},"content":{"rendered":"<blockquote>\n<div class=\"summary\">\n<div class=\"crayon article-chapo-51727 article__chapo\">\n\nAgentic systems involved in high-stake decision-making under adversarial pressure need formal guarantees not offered by existing approaches. Motivated by the operational needs of security operations centers (SOCs) that must configure endpoint detection and response (EDR) policies under adversarial pressure, we present a tool-mediated architecture: LLM agents use deterministic tools (Stackelberg best-response, Bayesian observer updates, attack-graph primitives) and select from finite action catalogs enforced at the tool-output interface. A composite Lyapunov function machine-checked in Lean 4 with zero sorry certifies controllability, observability from asymmetric sensor data, and Input-to-State Stability (ISS) robustness under intelligent adversarial disturbance, with two corollaries extending the certificate to any controller or adversary from the catalogs.\n\n<\/div>\n<\/div><\/blockquote>\nPour en savoir plus :\u00a0<a href=\"https:\/\/arxiv.org\/abs\/2605.03034\" target=\"_blank\" rel=\"noopener\">Stable Agentic Control: Tool-Mediated LLM Architecture for Autonomous Cyber Defense<\/a>","protected":false},"excerpt":{"rendered":"<p>Agentic systems involved in high-stake decision-making under adversarial pressure need formal guarantees not offered by existing approaches. Motivated by the operational needs of security operations centers (SOCs) that must configure endpoint detection and response (EDR) policies under adversarial pressure, we present a tool-mediated architecture: LLM agents use deterministic tools (Stackelberg best-response, Bayesian observer updates, attack-graph [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":56493,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[22,16],"tags":[35],"class_list":["post-57766","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-actualite-defense-et-securite","category-rti","tag-actualites"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Stable Agentic Control: Tool-Mediated LLM Architecture for Autonomous Cyber Defense - NAE<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.nae.fr\/en\/2026\/05\/18\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Stable Agentic Control: Tool-Mediated LLM Architecture for Autonomous Cyber Defense - NAE\" \/>\n<meta property=\"og:description\" content=\"Agentic systems involved in high-stake decision-making under adversarial pressure need formal guarantees not offered by existing approaches. Motivated by the operational needs of security operations centers (SOCs) that must configure endpoint detection and response (EDR) policies under adversarial pressure, we present a tool-mediated architecture: LLM agents use deterministic tools (Stackelberg best-response, Bayesian observer updates, attack-graph [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.nae.fr\/en\/2026\/05\/18\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\/\" \/>\n<meta property=\"og:site_name\" content=\"NAE\" \/>\n<meta property=\"article:published_time\" content=\"2026-05-18T06:46:40+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.nae.fr\/wp-content\/uploads\/2026\/06\/logo-cornell-university.png\" \/>\n\t<meta property=\"og:image:width\" content=\"225\" \/>\n\t<meta property=\"og:image:height\" content=\"225\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"adminwa\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"adminwa\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.nae.fr\\\/2026\\\/05\\\/18\\\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.nae.fr\\\/2026\\\/05\\\/18\\\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\\\/\"},\"author\":{\"name\":\"adminwa\",\"@id\":\"https:\\\/\\\/www.nae.fr\\\/#\\\/schema\\\/person\\\/3d658e930f01449b7195ce4a78fcfc1e\"},\"headline\":\"Stable Agentic Control: Tool-Mediated LLM Architecture for Autonomous Cyber Defense\",\"datePublished\":\"2026-05-18T06:46:40+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.nae.fr\\\/2026\\\/05\\\/18\\\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\\\/\"},\"wordCount\":131,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.nae.fr\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.nae.fr\\\/2026\\\/05\\\/18\\\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.nae.fr\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/logo-cornell-university.png\",\"keywords\":[\"Actualit\u00e9s\"],\"articleSection\":[\"Actualit\u00e9 D\u00e9fense et S\u00e9curit\u00e9\",\"RTI\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.nae.fr\\\/2026\\\/05\\\/18\\\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.nae.fr\\\/2026\\\/05\\\/18\\\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\\\/\",\"url\":\"https:\\\/\\\/www.nae.fr\\\/2026\\\/05\\\/18\\\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\\\/\",\"name\":\"Stable Agentic Control: Tool-Mediated LLM Architecture for Autonomous Cyber Defense - NAE\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.nae.fr\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.nae.fr\\\/2026\\\/05\\\/18\\\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.nae.fr\\\/2026\\\/05\\\/18\\\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.nae.fr\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/logo-cornell-university.png\",\"datePublished\":\"2026-05-18T06:46:40+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.nae.fr\\\/2026\\\/05\\\/18\\\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.nae.fr\\\/2026\\\/05\\\/18\\\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.nae.fr\\\/2026\\\/05\\\/18\\\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.nae.fr\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/logo-cornell-university.png\",\"contentUrl\":\"https:\\\/\\\/www.nae.fr\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/logo-cornell-university.png\",\"width\":225,\"height\":225},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.nae.fr\\\/2026\\\/05\\\/18\\\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\\\/\\\/www.nae.fr\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Stable Agentic Control: Tool-Mediated LLM Architecture for Autonomous Cyber Defense\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.nae.fr\\\/#website\",\"url\":\"https:\\\/\\\/www.nae.fr\\\/\",\"name\":\"NAE\",\"description\":\"NAE fili\u00e8re d&#039;excellence...\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.nae.fr\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.nae.fr\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.nae.fr\\\/#organization\",\"name\":\"NAE\",\"url\":\"https:\\\/\\\/www.nae.fr\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.nae.fr\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.nae.fr\\\/wp-content\\\/uploads\\\/2025\\\/10\\\/nae-logo.svg\",\"contentUrl\":\"https:\\\/\\\/www.nae.fr\\\/wp-content\\\/uploads\\\/2025\\\/10\\\/nae-logo.svg\",\"width\":84,\"height\":52,\"caption\":\"NAE\"},\"image\":{\"@id\":\"https:\\\/\\\/www.nae.fr\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.nae.fr\\\/#\\\/schema\\\/person\\\/3d658e930f01449b7195ce4a78fcfc1e\",\"name\":\"adminwa\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/5118570d863e9bebccd6a13a0e571e5515c30a2f455e20ed92788cb2b4e5c631?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/5118570d863e9bebccd6a13a0e571e5515c30a2f455e20ed92788cb2b4e5c631?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/5118570d863e9bebccd6a13a0e571e5515c30a2f455e20ed92788cb2b4e5c631?s=96&d=mm&r=g\",\"caption\":\"adminwa\"},\"sameAs\":[\"https:\\\/\\\/www.nae.fr\"],\"url\":\"https:\\\/\\\/www.nae.fr\\\/en\\\/author\\\/adminwa\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Stable Agentic Control: Tool-Mediated LLM Architecture for Autonomous Cyber Defense - NAE","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.nae.fr\/en\/2026\/05\/18\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\/","og_locale":"en_US","og_type":"article","og_title":"Stable Agentic Control: Tool-Mediated LLM Architecture for Autonomous Cyber Defense - NAE","og_description":"Agentic systems involved in high-stake decision-making under adversarial pressure need formal guarantees not offered by existing approaches. Motivated by the operational needs of security operations centers (SOCs) that must configure endpoint detection and response (EDR) policies under adversarial pressure, we present a tool-mediated architecture: LLM agents use deterministic tools (Stackelberg best-response, Bayesian observer updates, attack-graph [&hellip;]","og_url":"https:\/\/www.nae.fr\/en\/2026\/05\/18\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\/","og_site_name":"NAE","article_published_time":"2026-05-18T06:46:40+00:00","og_image":[{"width":225,"height":225,"url":"https:\/\/www.nae.fr\/wp-content\/uploads\/2026\/06\/logo-cornell-university.png","type":"image\/png"}],"author":"adminwa","twitter_card":"summary_large_image","twitter_misc":{"Written by":"adminwa","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.nae.fr\/2026\/05\/18\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\/#article","isPartOf":{"@id":"https:\/\/www.nae.fr\/2026\/05\/18\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\/"},"author":{"name":"adminwa","@id":"https:\/\/www.nae.fr\/#\/schema\/person\/3d658e930f01449b7195ce4a78fcfc1e"},"headline":"Stable Agentic Control: Tool-Mediated LLM Architecture for Autonomous Cyber Defense","datePublished":"2026-05-18T06:46:40+00:00","mainEntityOfPage":{"@id":"https:\/\/www.nae.fr\/2026\/05\/18\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\/"},"wordCount":131,"commentCount":0,"publisher":{"@id":"https:\/\/www.nae.fr\/#organization"},"image":{"@id":"https:\/\/www.nae.fr\/2026\/05\/18\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\/#primaryimage"},"thumbnailUrl":"https:\/\/www.nae.fr\/wp-content\/uploads\/2026\/06\/logo-cornell-university.png","keywords":["Actualit\u00e9s"],"articleSection":["Actualit\u00e9 D\u00e9fense et S\u00e9curit\u00e9","RTI"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.nae.fr\/2026\/05\/18\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.nae.fr\/2026\/05\/18\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\/","url":"https:\/\/www.nae.fr\/2026\/05\/18\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\/","name":"Stable Agentic Control: Tool-Mediated LLM Architecture for Autonomous Cyber Defense - NAE","isPartOf":{"@id":"https:\/\/www.nae.fr\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.nae.fr\/2026\/05\/18\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\/#primaryimage"},"image":{"@id":"https:\/\/www.nae.fr\/2026\/05\/18\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\/#primaryimage"},"thumbnailUrl":"https:\/\/www.nae.fr\/wp-content\/uploads\/2026\/06\/logo-cornell-university.png","datePublished":"2026-05-18T06:46:40+00:00","breadcrumb":{"@id":"https:\/\/www.nae.fr\/2026\/05\/18\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.nae.fr\/2026\/05\/18\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.nae.fr\/2026\/05\/18\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\/#primaryimage","url":"https:\/\/www.nae.fr\/wp-content\/uploads\/2026\/06\/logo-cornell-university.png","contentUrl":"https:\/\/www.nae.fr\/wp-content\/uploads\/2026\/06\/logo-cornell-university.png","width":225,"height":225},{"@type":"BreadcrumbList","@id":"https:\/\/www.nae.fr\/2026\/05\/18\/stable-agentic-control-tool-mediated-llm-architecture-for-autonomous-cyber-defense\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.nae.fr\/"},{"@type":"ListItem","position":2,"name":"Stable Agentic Control: Tool-Mediated LLM Architecture for Autonomous Cyber Defense"}]},{"@type":"WebSite","@id":"https:\/\/www.nae.fr\/#website","url":"https:\/\/www.nae.fr\/","name":"NAE","description":"NAE fili\u00e8re d&#039;excellence...","publisher":{"@id":"https:\/\/www.nae.fr\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.nae.fr\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.nae.fr\/#organization","name":"NAE","url":"https:\/\/www.nae.fr\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.nae.fr\/#\/schema\/logo\/image\/","url":"https:\/\/www.nae.fr\/wp-content\/uploads\/2025\/10\/nae-logo.svg","contentUrl":"https:\/\/www.nae.fr\/wp-content\/uploads\/2025\/10\/nae-logo.svg","width":84,"height":52,"caption":"NAE"},"image":{"@id":"https:\/\/www.nae.fr\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.nae.fr\/#\/schema\/person\/3d658e930f01449b7195ce4a78fcfc1e","name":"adminwa","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/5118570d863e9bebccd6a13a0e571e5515c30a2f455e20ed92788cb2b4e5c631?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/5118570d863e9bebccd6a13a0e571e5515c30a2f455e20ed92788cb2b4e5c631?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/5118570d863e9bebccd6a13a0e571e5515c30a2f455e20ed92788cb2b4e5c631?s=96&d=mm&r=g","caption":"adminwa"},"sameAs":["https:\/\/www.nae.fr"],"url":"https:\/\/www.nae.fr\/en\/author\/adminwa\/"}]}},"_links":{"self":[{"href":"https:\/\/www.nae.fr\/en\/wp-json\/wp\/v2\/posts\/57766","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.nae.fr\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.nae.fr\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.nae.fr\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.nae.fr\/en\/wp-json\/wp\/v2\/comments?post=57766"}],"version-history":[{"count":0,"href":"https:\/\/www.nae.fr\/en\/wp-json\/wp\/v2\/posts\/57766\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.nae.fr\/en\/wp-json\/wp\/v2\/media\/56493"}],"wp:attachment":[{"href":"https:\/\/www.nae.fr\/en\/wp-json\/wp\/v2\/media?parent=57766"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.nae.fr\/en\/wp-json\/wp\/v2\/categories?post=57766"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.nae.fr\/en\/wp-json\/wp\/v2\/tags?post=57766"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}