This work addresses the high false positive rates of traditional static application security testing (SAST) tools, which hinder efficient identification of genuine vulnerabilities. The authors propose the first multi-agent large language model (LLM) collaborative framework tailored for real-world vulnerability discovery, integrating static analysis with deep semantic understanding through a unified pipeline comprising matching, filtering, verification, and adaptive modules. This approach substantially enhances both the accuracy and actionable output of vulnerability detection. Evaluated on open-source software, the method successfully identified 203 confirmed zero-day vulnerabilities, leading to the assignment of 118 CVE identifiers. The study also distills critical practical insights into deploying LLM-based agents in security engineering contexts.

Software vulnerabilities remain one of the most persistent threats to modern digital infrastructure. While static application security testing (SAST) tools have long served as the first line of defense, they suffer from high false-positive rates. This article presents TitanCA, a collaborative project between Singapore Management University and GovTech Singapore that orchestrates multiple large language model (LLM)-powered agents into a unified vulnerability discovery pipeline. Applied in open-source software, TitanCA has discovered 203 confirmed zero-day vulnerabilities and yielded 118 CVEs. We describe the four-module architecture, i.e., matching, filtering, inspection, and adaptation, and share key lessons from building and deploying an LLM-based vulnerability discovery solution in practice.