Skip to main content

CyberFlows

CyberFLOWS – In-Database Multi‑Agent AI Flows

Schedule Your CyberFlows Session

Introduction – EventDriven Agents in the Enterprise: 

Artificial intelligence is moving beyond single models to networks of agentic AI – autonomous agents that collaborate to solve complex tasks. The challenge is not just better AI, but better infrastructure: agents need to access data and tools and communicate with each other seamlessly. 

This is especially crucial for enterprises where Governance, Risk, and Compliance (GRC) processes demand reliability, auditability, and real-time response.  

CyberFLOWS, is a new MyRISK capability that meets this need by bringing high-throughput, in-database AI orchestration to GRC. 

What is CyberFLOWS? 

CyberFLOWS enables private, high-speed multi-agent workflows entirely inside the Oracle database. It leverages Oracle’s Transactional Event Queues (TEQ), an enterprise-grade message queuing system built into Oracle 23ai, to let AI agents publish and subscribe to events without any external broker. Think of it as an in-database equivalent to a Kafka event bus, but with full ACID consistency and Oracle security. In fact, Oracle 23ai’s TEQ provides the benefits of transactions and exactly-once delivery for streaming events, serving as a native alternative to Kafka. 

CyberFLOWS uses Oracle REST Data Services (ORDS) to expose TEQ as a simple RESTful publish/subscribe interface, so your AI agents (running anywhere) can communicate through HTTP calls—no separate orchestration platform or workflow engine (like n8n) required. 

The entire multi-agent conversation happens within the Oracle Database security boundary, with no data leaving the system.  

Technical Architecture – Oracle AQ/TEQ + ORDS:

At its core, CyberFLOWS builds on Oracle Advanced Queuing and the new Transactional Event Queues (TxEventQ). Messages between agents are enqueued into multi-consumer queues, which means multiple subscribers can receive the same message in parallel.  

 This implements a topic-based publish/subscribe pattern inside the database: an agent (or any GRC application) enqueues an event, and all subscribing agents or services dequeue copies of that event. Oracle TEQ supports defining multiple event streams (partitions) for a queue – conceptually similar to Kafka topics with partitions – enabling horizontal scale-out of throughput.  

Because TEQ is implemented as internal database tables, it inherits all the operational strengths of Oracle Database. That includes guaranteed message persistence, high availability, and fault tolerance – Oracle Data Guard can even replicate queues to preserve messages for DR scenarios. Enqueues and dequeues participate in the same ACID transactions as your business data, ensuring consistency without complex 2-phase commits 

In practical terms, this means messages are never lost and each event is delivered exactly once to each intended consumer, without duplicates or gaps, even in the face of failures. 

CyberFLOWS uses ORDS’s built-in TxEventQ REST APIs to avoid any custom broker code. ORDS exposes endpoints to create topics, manage consumer groups, and push or pull messages over HTTPS 

For example, an OCI-hosted Python agent can POST a message to the “RiskAlert” topic via ORDS, while an Oracle APEX app concurrently GETs new messages from that same topic – all with standard REST calls and JSON payloads. Under the hood, TEQ ensures each message is stored and forwarded to all subscribers with minimal latency (optimized by in-memory caching and Oracle’s internal scheduling). Agents can include correlation identifiers in messages to link requests with responses, and Oracle’s queuing system allows filtering or selective consumption by correlation ID. Priorities can also be assigned to messages, so urgent events jump to the front of the queue  – useful in a risk management scenario where a “critical” incident alert should be processed before low-priority tasks.  

Schedule Your Discovery Session Now

Use Cases in GRC and Continuous Controls Monitoring: 

Because CyberFLOWS operates within Oracle Database 23ai, it keeps sensitive process data in place and under unified governance. This is a big win for GRC and Continuous Controls Monitoring (CCM) stakeholders. You can orchestrate complex control activities through AI agents without opening new integration points that might introduce security or compliance gaps.  

For instance, consider third-party breach history monitoring: MyRISK has an AI agent that periodically scrapes public breach databases and news feeds. With CyberFLOWS, it enqueues a “Breach Check” event (including the target industry and date range or a company name) into a TEQ topic. A downstream agent subscribed to this topic picks it up, executes a live web search and analysis, then enqueues the results (e.g. breach records found) onto a response queue. The entire call-and-response happens in seconds, and both sides of the exchange are fully audited in the database (every message is queryable via SQL for audit trails). 

Another example is automated control gap classification: an AI agent can listen for control evaluation events, use an LLM to categorize any gaps or violations, and publish a recommended action. CyberFLOWS allows these agent-driven checks to run continuously, 24×7, with guaranteed delivery of each finding to the compliance team’s inbox or dashboard. All interactions are logged and timestamped as Oracle queue messages, simplifying compliance reporting and verification.  

POC Validation – MyRISK and Oracle’s Joint Effort: 

To prove out these capabilities, MyRISK is collaborating with Oracle on a joint proof-of-concept. The POC showcases a call-and-response pattern between an Oracle APEX application and OCI-hosted AI agents, all mediated by TEQ queues. The collaboration with Oracle means CyberFLOWS is built on a foundation that is officially supported and future-proof as Oracle evolves the TEQ platform.  

High Performance and Resilience: 

In designing CyberFLOWS, performance was a key focus. Oracle TEQ is built for high throughput – measured in thousands of messages per second – and low-latency fan-out. Unlike external brokers, there’s no network hop or JSON transformation outside the database; an agent running in OCI can enqueue a message via ORDS, and an application on the same Oracle DB can dequeue it almost immediately. Oracle’s internal benchmarks for TEQ show minimal overhead and linear scaling as you add more consumers or event streams. 

Moreover, because TEQ is part of the Oracle RAC cluster, it achieves horizontal scalability and high availability by default (queue data is sharded across RAC nodes and benefits from cache fusion and failover). If one agent or consumer process goes down, Oracle’s consumer group protocols ensure another can pick up where it left off, with exactly-once semantics and without duplicating work.  

This kind of resilience is essential for CCM use cases – e.g., if an AI agent responsible for monitoring transactions for data exfiltration goes offline, another agent (or a restarted instance) can continue consumption from the last saved position in the queue. The result is a system that not only automates and speeds up GRC processes, but does so in a fault-tolerant manner, with the guarantee that every control event or alert is delivered and handled.  

Business Impact – Simplifying and Securing Enterprise AI Workflows: 

For Oracle customers in regulated industries, CyberFLOWS represents a leap forward in automating risk and compliance workflows. It combines the power of multi-agent AI with the robustness of Oracle Database. All event processing stays within your database, so you get unified security, auditing, and governance without duplicating data across systems.  

Guaranteed delivery and exactly-once processing mean you can trust that no alert or control failure will slip through the cracks. By eliminating external integration points, the solution reduces complexity – no more maintaining separate Kafka clusters, external workflow engines, or bespoke APIs. This leads to lower infrastructure costs and fewer potential points of failure or data leakage. In short, CyberFLOWS allows enterprises to embrace adaptive, intelligent automation in GRC/CCM while maintaining the resilience and trustworthiness that Oracle technology is known for. 

MyRISK CyberFLOWS is a timely innovation for any enterprise looking to harness agentic AI safely and effectively. By marrying Oracle’s in-database event queues with AI orchestration, it delivers a solution that is technically elegant (no-code integration via ORDS, standard SQL access to messages) and business-smart (resilient, auditable, and scalable by design).  

We’re excited to bring this capability to all MyRISK customers and will continue to work closely with Oracle to push the boundaries of what in-database AI workflows can do. Agents may indeed be the new apps, and with CyberFLOWS, your Oracle Database is ready to run them. 

Why Choose MyRISK + Oracle for Secure AI Agent Workflows?

At MyRISK, we understand the unique challenges enterprises face in balancing automation, compliance, and data security. That’s why CyberFLOWS isn’t just another orchestration tool—it’s a future-proof, enterprise-grade framework built for real-world GRC and CCM demands. 

By embedding AI agent collaboration within your Oracle Database, CyberFLOWS eliminates the usual trade-offs between performance, security, and integration complexity. Our native-first approach ensures: 

  • No data leaves your system—keeping everything within Oracle’s trusted security and audit boundaries. 
  • No external broker to maintain—reduced overhead, simplified DevOps, and zero additional risk. 
  • Guaranteed delivery, high throughput—so every event is captured, delivered, and actioned, without fail. 

Whether you’re building proactive compliance monitors, continuous control agents, or AI-driven incident responders, CyberFLOWS offers the robustness of Oracle, the flexibility of REST APIs, and the intelligence of agentic AI, all orchestrated as a seamless in-database flow. 

Ready to See CyberFLOWS in Action?

Let’s explore how in-database AI orchestration can transform your GRC operations.
Book a live demo
Request a proof-of-concept
Talk to our AI integration experts 

👉 Contact Us Today to start your journey toward smarter, safer, and more streamlined enterprise automation. 

Book Your Demo Today