Blueprint for AI Agents in Cybersecurity
Leveraging AI Agents to Evolve Cybersecurity Practices
Disclaimer: Opinions expressed are solely my own and do not express the views or opinions of my employer or any other entities with which I am affiliated.
Agentic Process Automation (APA) represents a significant leap forward in automation technology by leveraging Large Language Models (LLMs) and AI agents to create autonomous, intelligent systems capable of dynamically constructing and executing workflows. Unlike traditional Robotic Process Automation (RPA) and Intelligent Automation (IA), which rely on predefined rules and human oversight, APA enables AI agents to interpret tasks, make real-time decisions, and continuously adapt workflows based on live data. This shift from static, rule-based automation to dynamic, intelligent systems is especially relevant for cybersecurity, where threats are constantly evolving and the ability to adapt quickly is crucial.
Evolving AI Agents in the Cybersecurity Space
Imagine that instead of manually writing automation scripts, you have an AI agent or a browser-based plugin monitoring your day-to-day processes. It suggests tasks you can automate and then builds the automation for you. Need an integration? The agent retrieves the API documentation and constructs the integration with all available actions. This is just one of many potential use cases that illustrate the transformative potential of AI agents in cybersecurity.
Building a Blueprint for Cybersecurity AI Agents
To understand the practical application of AI agents in cybersecurity, let’s compare them with the standard Incident Response (IR) flow.
1. Alert Reception and Triage Agent
When an alert is generated by your Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR), or any Security Incident Management (SIM) platform, the first step is to employ an AI agent for enrichment; let's call this the Triage Agent.
The Triage Agent can be divided into specialized functions for better control and customization:
- Alert Grouping
  - Alert Deduplication: Identifies and consolidates duplicate events that may have bypassed initial SIEM filtering.
  - Alerts Grouping per Asset: Aggregates alerts related to the same asset to provide a holistic view of potential threats.
- Alert Enrichment: Enhances the alert with additional context necessary for investigation:
  - Indicator of Compromise (IOC) Enrichment: Performs threat intelligence checks using various paid or open-source intelligence feeds, or consults your Threat Intelligence Platform (TIP) if you have centralised your intelligence data.
  - Machine (Endpoint/Server) Enrichment: Gathers detailed information about the affected systems.
  - Account (Identity and Access Management) Enrichment: Retrieves user account details and access patterns.
After the Triage Agent completes these tasks, you have sufficient information to determine whether the alert warrants further investigation (escalation to an incident) or should be routed differently according to your operational procedures.
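To make the three triage functions concrete, here is an added example (not code from the article or any product it mentions) that runs deduplication, per-asset grouping and enrichment over constructed alerts. TI_FEED, CMDB and IAM are constructed stand-ins for a TIP, a CMDB and an identity directory; the escalation flag at the end is only a suggestion handed to the routing step, not an action.

```python
"""Triage Agent helpers, added here as an example; not the article's own code.

Runs the three triage functions on constructed alert data: fold duplicates
that slipped past SIEM filtering, group the survivors per asset, and enrich
each group with IOC, machine and account context. TI_FEED, CMDB and IAM are
constructed stand-ins for a TIP, a CMDB and an identity directory.
"""
import hashlib
from collections import defaultdict

# Constructed sample alerts; a1 and a2 are the same event re-fired 7 seconds apart.
ALERTS = [
    {"id": "a1", "rule": "Suspicious PowerShell", "host": "ws-017", "user": "jdoe",
     "ioc": "198.51.100.23", "ts": "2024-05-01T10:00:00Z"},
    {"id": "a2", "rule": "Suspicious PowerShell", "host": "ws-017", "user": "jdoe",
     "ioc": "198.51.100.23", "ts": "2024-05-01T10:00:07Z"},
    {"id": "a3", "rule": "Outbound to rare domain", "host": "ws-017", "user": "jdoe",
     "ioc": "update-check.example", "ts": "2024-05-01T10:02:00Z"},
    {"id": "a4", "rule": "Impossible travel", "host": "srv-db-02", "user": "svc-backup",
     "ioc": "203.0.113.9", "ts": "2024-05-01T10:05:00Z"},
]

TI_FEED = {"198.51.100.23": {"verdict": "malicious", "source": "feed-A"},
           "update-check.example": {"verdict": "suspicious", "source": "feed-B"}}
CMDB = {"ws-017": {"owner": "finance", "criticality": "medium", "os": "Windows 11"},
        "srv-db-02": {"owner": "platform", "criticality": "medium", "os": "Linux"}}
IAM = {"jdoe": {"privileged": False, "dept": "finance"},
       "svc-backup": {"privileged": True, "dept": "platform"}}


def fingerprint(alert):
    """Stable key over the fields that make two alerts the same event.

    The timestamp is deliberately left out so near-simultaneous re-fires
    of one rule on one host collapse into a single record.
    """
    key = "|".join(alert[f] for f in ("rule", "host", "user", "ioc"))
    return hashlib.sha256(key.encode()).hexdigest()[:16]


def deduplicate(alerts):
    """Keep the first alert per fingerprint and count how many were folded in."""
    kept = {}
    for alert in alerts:
        fp = fingerprint(alert)
        if fp in kept:
            kept[fp]["duplicates"] += 1
        else:
            kept[fp] = dict(alert, duplicates=0)
    return list(kept.values())


def group_per_asset(alerts):
    """Aggregate alerts by host so the analyst sees one case per asset."""
    groups = defaultdict(list)
    for alert in alerts:
        groups[alert["host"]].append(alert)
    return dict(groups)


def enrich(group):
    """Attach IOC, machine and account context to one asset's alert group."""
    host = group[0]["host"]
    return {
        "host": host,
        "machine": CMDB.get(host, {"owner": "unknown", "criticality": "unknown"}),
        "accounts": {a["user"]: IAM.get(a["user"], {"privileged": None}) for a in group},
        "iocs": {a["ioc"]: TI_FEED.get(a["ioc"], {"verdict": "unknown"}) for a in group},
        "alert_count": len(group),
        "folded_duplicates": sum(a["duplicates"] for a in group),
    }


def triage(alerts):
    """Full triage pass: deduplicate, group, enrich, then suggest a route."""
    cases = []
    for group in group_per_asset(deduplicate(alerts)).values():
        case = enrich(group)
        malicious = any(i["verdict"] == "malicious" for i in case["iocs"].values())
        privileged = any(u.get("privileged") for u in case["accounts"].values())
        high_value = case["machine"].get("criticality") == "high"
        # A suggestion for the analyst (or the routing step), not an automatic action.
        case["suggest_escalation"] = malicious or (privileged and high_value)
        cases.append(case)
    return cases


if __name__ == "__main__":
    for case in triage(ALERTS):
        print(case["host"], case["suggest_escalation"], case["iocs"])
```

The fingerprint excludes the timestamp on purpose: the duplicates the SIEM misses are usually the same rule firing repeatedly on the same host, and a key that includes the time would never fold them. Which fields belong in the key is a per-rule decision worth writing down, because a key that is too narrow merges distinct events.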
2. Reactive Threat Hunting Agent
Once the Triage Agent has enriched the alert and provided enough information to determine that further investigation is warranted, the next step is to involve the Reactive Threat Hunting Agent. This agent functions similarly to a Tier 2 analyst and is crucial for deep-diving into incidents to uncover additional threats or indicators that may not be immediately apparent.
Understanding Threat Hunting
Threat hunting serves multiple purposes and can be broadly divided into:
- Reactive Threat Hunting: Initiated in response to a specific incident or alert.
- Proactive Threat Hunting: Driven by Cyber Threat Intelligence (CTI) to anticipate and discover potential threats before they manifest.
In this context, we’re focusing on the Reactive Threat Hunting AI Agent, which is activated by an incident to perform a detailed analysis.
Steps Performed by the Reactive Threat Hunting AI Agent
- Understanding and Decomposing the Alert:
  - Indicator Classification: The agent begins by dissecting the alert into various types of indicators:
    - Atomic Indicators: Basic elements such as IP addresses, domain names, email addresses, and file hashes.
    - Computed Indicators: Information derived from data analysis, like malware file sizes or encoded strings.
    - Behavioral Indicators: Patterns of behavior, tactics, techniques, and procedures (TTPs) used by threat actors.
- Searching for Atomic and Computed Indicators:
  - Crafting and Executing Searches: The agent crafts specific queries to search historical data in the SIEM, data lakes, or other relevant tools for the identified IOCs.
  - Accessing Multiple Systems: Unlike human analysts, who might need to log into multiple systems one at a time, the AI agent can query all necessary platforms simultaneously (useful when not all of your data lives in the SIEM).
  - Data Normalisation Challenge:
    - Field Name Variability: Different systems may use different field names for the same data (e.g., "src_ip" vs. "source_ip").
    - Solution: Predefine data mappings or utilize a data normalization layer to enable the agent to interpret and correlate data across various systems effectively.
- Outcome of IOC Checks:
  - Updating the Incident Case: The agent consolidates findings and updates the incident or case wall with detailed information.
  - Threat Intelligence Integration: If integrated with a Threat Intelligence Platform (TIP), the agent feeds back new or updated IOCs, enriching the organisation's threat intelligence repository. (Refer to the LEAD framework for effective feedback loops in threat intelligence.)
- Analysing Behavioural Indicators:
  - Mapping to TTPs: The agent maps behavioural indicators to known TTPs, leveraging frameworks like MITRE ATT&CK. Where your detection rules are already mapped to ATT&CK techniques, it is straightforward to check those detections for the following:
    - Historical Searches: It searches for historical data and alerts related to these TTPs to identify any past occurrences or patterns.
    - Detection Gap Identification:
      - Feedback to Detection Engineering: Where a TTP has no corresponding detection rule (a missing detection), the gap is reported to Detection Engineering.
      - Queue for Review: These gaps are added to the Detection Engineering queue for the development of new detection rules or enhancements.
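The following is an added example (not code from the article) that walks the hunt steps above end to end on constructed data: it classifies an alert's indicators, normalises events from two log sources that name the same field differently ("source_ip" vs. "src_ip"), searches the normalised events for the atomic IOCs, and compares the behavioural TTPs against an ATT&CK-mapped detection inventory to list the gaps that would go to the Detection Engineering queue. The alert, events, field maps and detection inventory are all constructed.

```python
"""Reactive hunt helpers, added here as an example; not the article's own code.

Walks the hunt steps on constructed data: classify an alert's indicators as
atomic, computed or behavioural; normalise events from two log sources that
name the same field differently; search the normalised events for the atomic
IOCs; and compare the behavioural TTPs against detection rules mapped to
ATT&CK to surface coverage gaps. All data below is constructed.
"""
import re
from ipaddress import ip_address

ALERT = {"indicators": ["198.51.100.23", "update-check.example",
                        "d41d8cd98f00b204e9800998ecf8427e", "size:482304",
                        "T1059.001", "T1071.001"]}

# Two sources, two field vocabularies for the same facts.
EVENTS = {
    "proxy": [
        {"source_ip": "10.0.0.5", "dest_host": "update-check.example", "when": "2024-04-28T09:12:00Z"},
        {"source_ip": "10.0.0.9", "dest_host": "cdn.example", "when": "2024-04-28T09:15:00Z"},
    ],
    "firewall": [
        {"src_ip": "10.0.0.5", "dst_ip": "198.51.100.23", "time": "2024-04-27T22:01:00Z"},
        {"src_ip": "10.0.0.7", "dst_ip": "192.0.2.44", "time": "2024-04-29T03:30:00Z"},
    ],
}

# Predefined data mappings: source field name -> common schema name.
FIELD_MAPS = {
    "proxy": {"source_ip": "src_ip", "dest_host": "dst_domain", "when": "ts"},
    "firewall": {"src_ip": "src_ip", "dst_ip": "dst_ip", "time": "ts"},
}

# Detection inventory with ATT&CK technique mappings (constructed).
DETECTIONS = [
    {"name": "PowerShell encoded command", "techniques": {"T1059.001"}},
    {"name": "LSASS memory access", "techniques": {"T1003.001"}},
]

HASH_RE = re.compile(r"^(?:[0-9a-f]{32}|[0-9a-f]{40}|[0-9a-f]{64})$", re.I)
DOMAIN_RE = re.compile(r"^(?=.{1,253}$)(?:[a-z0-9-]+\.)+[a-z]{2,}$", re.I)
TTP_RE = re.compile(r"^T\d{4}(?:\.\d{3})?$")


def is_ip(value):
    try:
        ip_address(value)
        return True
    except ValueError:
        return False


def classify(indicators):
    """Split indicators into the three classes the hunt treats differently."""
    out = {"atomic": [], "computed": [], "behavioural": [], "other": []}
    for ind in indicators:
        if TTP_RE.match(ind):
            out["behavioural"].append(ind)
        elif is_ip(ind) or HASH_RE.match(ind) or DOMAIN_RE.match(ind):
            out["atomic"].append(ind)
        elif ind.startswith("size:"):
            out["computed"].append(ind)
        else:
            out["other"].append(ind)  # never drop silently; surface for a human
    return out


def normalise(source, event):
    """Rename a raw event's fields into the common schema and tag its origin."""
    mapping = FIELD_MAPS[source]
    return {mapping.get(k, k): v for k, v in event.items()} | {"source": source}


def search_iocs(atomic, events_by_source):
    """Return every normalised event whose src/dst fields contain an IOC, oldest first."""
    hits = []
    for source, events in events_by_source.items():
        for raw in events:
            ev = normalise(source, raw)
            matched = [ev[f] for f in ("src_ip", "dst_ip", "dst_domain") if ev.get(f) in atomic]
            if matched:
                hits.append({"ioc": matched[0], "source": source,
                             "ts": ev["ts"], "src_ip": ev.get("src_ip")})
    return sorted(hits, key=lambda h: h["ts"])


def detection_gaps(behavioural, detections):
    """TTPs seen in the alert that no detection rule is mapped to."""
    covered = set().union(*(d["techniques"] for d in detections))
    return sorted(t for t in behavioural if t not in covered)


def hunt(alert):
    """One hunt pass: classify, search, and list gaps to queue for Detection Engineering."""
    classes = classify(alert["indicators"])
    return {
        "classes": classes,
        "hits": search_iocs(set(classes["atomic"]), EVENTS),
        "detection_gaps": detection_gaps(classes["behavioural"], DETECTIONS),
    }
```

Because both sources are mapped into one schema before searching, the two hits line up on the same internal source address across proxy and firewall logs, which is the kind of pivot an analyst would otherwise have to spot by hand across two consoles. The gap list is the feed into the Detection Engineering queue; it is derived only from the mappings your rules already carry, so unmapped rules show up as false gaps until they are tagged.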
3. Response AI Agent
After analysis, the Response AI Agent handles the execution of response actions:
- Infrastructure as Code Generation: Creates Terraform or CloudFormation templates for remediation steps, which can be reviewed and implemented by the DevOps/SRE team.
- Endpoint Actions: Utilises Endpoint Detection and Response (EDR) tools to isolate compromised hosts or collect forensic evidence.
- Security Controls Update: Modifies blocklists or firewall rules, such as blocking malicious senders in phishing incidents or updating rules based on new IOCs.
- Additional Actions: Any other customised response actions pertinent to the incident.
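The two items above that touch network controls (Infrastructure as Code generation and blocklist updates) are where an agent's output most needs a gate before it reaches production. The added example below (not the article's code, and not tied to any particular product) shows that gate: each candidate IOC is validated as an IP or CIDR, anything overlapping internal or never-block ranges is refused, overly broad prefixes are refused, and one Terraform-style deny rule is rendered per survivor for the DevOps/SRE team to review. The NEVER_BLOCK list, the case id and the `var.edge_acl_id` reference are constructed assumptions.

```python
"""Response-stage helper, added here as an example; not the article's own code.

Turns IOCs confirmed by the hunt into a proposed change for human review:
every candidate is validated as an IP or CIDR, anything overlapping the
organisation's own or internal ranges is refused, overly broad prefixes are
refused, and one Terraform-style deny rule is rendered per survivor. The
NEVER_BLOCK list, the case id and var.edge_acl_id are constructed assumptions.
"""
from ipaddress import ip_network

MAX_PREFIX_WIDTH = 24  # never auto-block anything broader than a /24

# Constructed: internal ranges plus ranges the organisation must never cut off.
NEVER_BLOCK = [ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",   # RFC 1918
    "127.0.0.0/8", "169.254.0.0/16",                   # loopback, link-local
    "192.0.2.0/24",                                    # constructed: our own egress range
)]


def validate_blocklist(candidates):
    """Split candidates into accepted networks and (candidate, reason) rejections."""
    accepted, rejected = [], []
    for cand in candidates:
        try:
            net = ip_network(cand, strict=False)
        except ValueError:
            rejected.append((cand, "not an IP address or CIDR"))
            continue
        if net.is_multicast or any(net.version == n.version and net.overlaps(n) for n in NEVER_BLOCK):
            rejected.append((cand, "overlaps an internal or never-block range"))
        elif net.version == 4 and net.prefixlen < MAX_PREFIX_WIDTH:
            rejected.append((cand, f"broader than /{MAX_PREFIX_WIDTH}, needs a human"))
        else:
            accepted.append(net)
    return accepted, rejected


def render_terraform(nets, case_id):
    """One deny rule per network; the case id ties the change back to the incident."""
    blocks = []
    for rule_number, net in enumerate(nets, start=100):
        cidr_attr = "cidr_block" if net.version == 4 else "ipv6_cidr_block"
        blocks.append(
            f'resource "aws_network_acl_rule" "deny_{case_id}_{rule_number}" {{\n'
            f'  network_acl_id = var.edge_acl_id\n'
            f'  rule_number    = {rule_number}\n'
            f'  egress         = true\n'
            f'  protocol       = "-1"\n'
            f'  rule_action    = "deny"\n'
            f'  {cidr_attr:<14} = "{net.with_prefixlen}"\n'
            f'}}\n'
        )
    return "\n".join(blocks)


def propose_block(candidates, case_id):
    """Build the review package: rendered change, what it blocks, what was refused."""
    nets, rejected = validate_blocklist(candidates)
    return {
        "terraform": render_terraform(nets, case_id),
        "blocked": [str(n) for n in nets],
        "rejected": rejected,
        "needs_review": True,  # the DevOps/SRE team applies it; the agent never does
    }
```

The rejections travel with the proposal rather than being dropped, so the reviewer sees what the agent wanted to block and why it was refused; a hunt that keeps producing internal addresses as "IOCs" is itself a signal worth acting on.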
Incorporating AI agents through Agentic Process Automation represents a transformative shift in cybersecurity operations. By intelligently automating various stages of the incident response process—from initial alert triage to reactive threat hunting and response actions—organizations can significantly enhance their ability to detect, analyze, and respond to threats in an ever-evolving cybersecurity landscape. This approach not only increases efficiency and reduces response times but also allows for an adaptive security posture that continuously evolves with emerging threats.
Now that we have a blueprint on how to structure the AI agents, Dylan will get into the technical details of these AI agents in the next section.
What's an AI agent?
We are used to interacting with Large Language Models (LLMs) like ChatGPT through a simple text-in, text-out chatbot window. What if we could give those same instructions to the LLM and it had the ability to plan, make decisions, and carry out the task until it's done? In short, think of an AI agent as a chatbot with the added abilities to take actions, access tools, and loop through tasks until they're fully completed. The concept of AI agents typically introduces three core components in addition to the LLM: Tools, Memory, and Planning.
You may be thinking: why use agents when I can just use LLMs such as Gemini or Claude? My favorite way to articulate the limitations of non-agentic LLMs is Andrew Ng's explanation: "imagine if you could write an essay on your computer, but you can't use backspace". With a plain LLM you are limited to the single prompt you send to the model and the response you get back. We use agents when we want adaptability and flexibility: we want to leverage the agents' ability to think and to iterate without needing human intervention (Lessons Learned: Building AI Agents).
This is where agents shine: by giving the LLM 1) the ability to perform actions and 2) the ability to plan, reflect and iterate on its answers. You probably get your best results in ChatGPT by going back and forth 20-30 times until you're happy with the result, right? This is exactly the benefit we get with agents, by allowing them to iterate independently over the answer until it's good enough. This is primarily done through a concept called ReAct, short for "reasoning" and "acting". To keep things simple, think of agents as giving the LLM the ability to loop until it has completed its task.
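To show the three components (tools, memory, planning) and the ReAct loop in the smallest possible form, here is an added example that is not from the article or any framework it names. The "model" is a deterministic stand-in that picks its next step from what is already in the scratchpad, so the whole thing runs offline; the point is the surrounding machinery: an allow-listed tool registry, a scratchpad of Thought/Action/Observation lines that serves as memory, and a loop that stops on a Final Answer or when the step budget runs out. The TI and ASSETS lookups are constructed.

```python
"""Minimal ReAct loop, added here as an example; not the article's own code.

scripted_model stands in for an LLM call and decides its next step from the
scratchpad, so the loop runs offline. The agent machinery is the real
content: a tool registry the agent cannot extend, a scratchpad that
accumulates Thought/Action/Observation lines (memory), and a bounded loop
that ends on a Final Answer or when the step budget is spent.
"""
import re

MAX_STEPS = 6

# Constructed lookups standing in for a TIP and an asset inventory.
TI = {"198.51.100.23": "malicious (feed-A)", "203.0.113.9": "unknown"}
ASSETS = {"ws-017": "finance laptop, user jdoe"}


def tool_ti_lookup(arg):
    return TI.get(arg, "no record")


def tool_asset_lookup(arg):
    return ASSETS.get(arg, "no record")


# Only allow-listed tools are callable; this triage-style agent gets read-only
# lookups and no response actions, which is the "hedge the task" idea in practice.
TOOLS = {"ti_lookup": tool_ti_lookup, "asset_lookup": tool_asset_lookup}

ACTION_RE = re.compile(r"^Action: (\w+)\[(.*)\]$")
OBS_PREFIX = "Observation: "


def scripted_model(task, scratchpad):
    """Stand-in for an LLM completion; replace with a real API call."""
    observations = [l[len(OBS_PREFIX):] for l in scratchpad if l.startswith(OBS_PREFIX)]
    if not observations:
        return "Thought: I need the verdict on the IP.\nAction: ti_lookup[198.51.100.23]"
    if len(observations) == 1:
        return "Thought: Now check what the host is.\nAction: asset_lookup[ws-017]"
    return "Thought: I have both facts.\nFinal Answer: " + "; ".join(observations)


def run_agent(task, model=scripted_model, max_steps=MAX_STEPS):
    """Reason/act loop: ask the model, run any tool it names, feed back the result."""
    scratchpad = [f"Task: {task}"]
    for step in range(max_steps):
        reply = model(task, scratchpad)
        for line in reply.splitlines():
            scratchpad.append(line)
            if line.startswith("Final Answer: "):
                return {"answer": line[len("Final Answer: "):], "steps": step + 1, "trace": scratchpad}
            match = ACTION_RE.match(line)
            if match:
                name, arg = match.groups()
                if name not in TOOLS:
                    obs = f"error: tool '{name}' is not allowed for this agent"
                else:
                    obs = TOOLS[name](arg)
                scratchpad.append(OBS_PREFIX + obs)
    # Budget exhausted: hand the partial trace to a human rather than loop forever.
    return {"answer": None, "steps": max_steps, "trace": scratchpad}


if __name__ == "__main__":
    result = run_agent("Is the alert on ws-017 worth escalating?")
    print("\n".join(result["trace"]))
```

The step budget and the tool allow-list are the two knobs that trade autonomy for control: a model that never emits a Final Answer ends after max_steps with its trace intact, and a model that names a tool outside the registry gets an error observation instead of an action.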
Agentic Frameworks & Best Practices
Okay, so how can you try out agents yourself? There are currently many emerging best practices and frameworks around AI agents. The most popular frameworks follow the multi-agent pattern, but in general I like to split them into 1) macro orchestration and 2) micro orchestration. If your goal is fast prototyping and validating some ideas, it's probably best to start with tools such as CrewAI and AutoGen. These frameworks typically follow a multi-agent/conversational pattern where different agents take the form of different, specialized, complementary personas, similar to the dedicated roles inside an organization.
Agents in Practice
A great starting point is to take the overall task you are trying to automate, list out all the steps, and mark each one as requiring 1) knowledge or 2) actions. We are leveraging the reasoning capabilities of the pre-trained models, but each step may require external data or actions/tools to complete. Treat the AI agents like a new teammate or employee: they need to be onboarded. They need access to the right tools and data to get the job done accurately. More importantly, they need clear and explicit instructions. A great approach is task decomposition: the more time you spend decomposing and specializing the tasks, like the examples Filip gave above, the higher the ROI on the results.
Remember, as with any new technology or implementation there are tradeoffs; evaluate what's necessary for your use case and why you would want to leverage agents as opposed to plain LLMs. Because of the iterative and unbounded nature of agents you may have less control (steerability) and visibility (debugging). So in practice this ends up being a balancing act depending on your use case. You can either increase the agent's autonomy (ability to plan, make decisions, and carry out tasks) at the expense of reduced control, or "instead of giving the agent (or a swarm of agents) the liberty to do everything end-to-end, try to hedge their task to a specific region of your flow/SOP that requires this kind of agility or creativity." (Medium)
There are varying levels of complexity when building agents, but it all comes down to three things: 1) control (macro vs micro orchestration), 2) visibility (layers of abstraction over the LLM API) and 3) implementation effort and overhead. Ask yourself how much control and visibility you want over all the steps in your task, and how much overhead or effort you want to spend on setting up the agents themselves. Do you want a framework to do the heavy lifting for you, or do you want to create an agent from scratch? We even have a whole new family of models emerging called Large Action Models (LAMs), which are explicitly designed for using tools, reasoning and planning.
The best way to learn is to get hands-on! I recommend starting with CrewAI + AgentOps as it's the most turn-key experience, and you can even use local models via Ollama so you don't have to pay for third-party API providers. If you use Anthropic or OpenAI, use the smaller models like GPT-4o mini or Claude 3 Haiku as they are faster and cheaper.
Here's a list of the most popular orchestration frameworks to get started: