Cybersecurity defense strategy generation transforms threat intelligence into actionable defense measures against sophisticated multi-stage cyberattacks. Existing approaches lack multi-dimensional coordination of technical, tactical, and threat actor expertise, with limited benchmarks for evaluating defense strategy quality. To address these gaps, we introduce MACD (Multi-Agent Collaborative Defense), a novel framework that orchestrates specialized AI agents to generate ATT&CK-aligned defense strategies. MACD deploys three expert agents for technical defense, kill chain phase analysis, and APT profiling, coordinated through a synthesizing agent, while leveraging retrieval-augmented generation to mitigate hallucination risks in threat mapping. Additionally, we construct CyberDefBench, a comprehensive benchmark combining real-world APT cases and synthetic scenarios with dual-layer annotations for reactive and proactive defenses. Experimental results demonstrate that MACD achieves 84.6% technique mapping accuracy and 72.3% defense coverage, significantly outperforming baseline methods and validating the effectiveness of multi-agent collaboration for cybersecurity defense.
Li et al. studied this question.