SecTor 2025 | Not-So-Secret Agents: Deploying AI to Optimize Security Operations

Artificial Intelligence (AI) has the potential to revolutionize security operations, yet many defenders struggle with how to pragmatically build and integrate LLM powered AI agents into their workflows. This talk bridges that gap, offering a practical, hands-on guide to developing and deploying LLM powered AI Agents designed to streamline and enhance security tasks. We move beyond theory to demonstrate the entire process, from concept to execution, empowering attendees to make their operations measurably more efficient and effective. Using OSQuery as a concrete example, we will show step-by-step how to build an agent, orchestrate its execution within a security workflow using LangGraph, and apply it to real-world endpoint data. We will detail how to define and measure success, presenting evaluation metrics like reduction in analysis time, improved consistency, and task completion rates and comparing those results to traditional, manual or even semi automated approaches. Key topics will include: * Understanding the fundamentals of AI agent workflows and their applications in cybersecurity * Step-by-step guide to building an AI agent for security tasks, including problem break down, model selection, prompting examples, and agent execution options * Integrating the AI agents into an existing workflow using LangGraph using a fan-out - fan-in methodology * Practical demonstration with OSQuery data, showcasing how to automate data analysis and generate actionable insights from dozens of disparate OSquery table sources Attendees will receive all source code and resources, enabling them to immediately experiment and customize these agent workflows. You will leave not just with concepts, but with a clear implementation path, evidence of the agent's value proposition, and the practical, code-in-hand knowledge to start building your own AI-driven security capabilities, enhancing detection, response, and hunting. By: Jimmy Astle | Sr Director AI Platform & Data Science, Red Canary Presentation Materials Available at: https://ift.tt/Y1ZUnHN

source https://www.youtube.com/watch?v=YEl3ocILZNo