Agentic AI for Cybersecurity: Building Autonomous Defenders and Adversaries

Agentic AI for Cybersecurity: Building Autonomous Defenders and Adversaries

Unlock the power of nextgeneration AI agents to transform cybersecurity, business operations, and productivity.

Agentic AI has transformed cybersecurity and other domains with autonomous, intelligent software agents that can plan, reason, and take action. Instead of simply answering questions, these agents work like digital analysts using tools and adapting to new information, while collaborating with humans and other agents to get real work done.

Agentic AI for Cybersecurity is a practical, handson guide to building, deploying, and securing these systems. Written in plain English, the book explains how modern agentic AI frameworks (such as LangChain, LangGraph, CrewAI, and LlamaIndex) enable autonomous, multiagent systems, and how frameworks like Model Context Protocol (MCP) and agenttoagent (A2A) are creating an emerging Internet of Agents.

Through stepbystep projects and realworld case studies, readers learn how to apply agentic AI to cybersecurity defense, adversarial testing, business automation, and productivity workflows. The book also addresses critical risks, including adversarial threats, governance, and compliance. The goal is to make security a firstclass concern, not an afterthought.

Designed for both technical and nontechnical readers, this book bridges the gap between AI theory and realworld impact.

Key Features

• Handson projects with practical examples for building and deploying AI agents
• Covers leading agentic AI frameworks and protocols (LangChain, CrewAI, LangGraph, MCP, A2A, n8n, OpenAI Agent Builder, and more)
• Securityfirst approach with dedicated coverage of adversarial threats and governance
• PlainEnglish explanations with diagrams, exercises, and GitHub resources

Who This Book Is For

Cybersecurity professionals, AI engineers, developers, architects, business and technology leaders, or anyone looking to understand and apply agentic AI responsibly and effectively.

Table of Contents

    Introduction.. . . . . . . . . . . . . . . xvii

Part I Foundations and Core Technologies

Chapter 1 Foundations of Agentic AI Systems. . . . . . . . . 1

    Reflecting and Defining the Shift.. . . . . . . . . . 2

    The Anatomy of a Modern AI Agentic Infrastructure.. . . . . . 9

    Summary. . . . . . . . . . . . . . 13

    Review Questions.. . . . . . . . . . . . . 15

    Answers to Review Questions. . . . . . . . . . 17

Chapter 2 Retrieval-Augmented Generation (RAG), Agentic RAG, and Model Context Protocol (MCP).. . . . . . . . . . 19

    A Recap of Retrieval-Augmented Generation (RAG) and Agentic RAG. . . 20

    Vector Databases and Embedding Models. . . . . . . . 21

    A Deep Dive into the Model Context Protocol (MCP).. . . . . . 42

    Summary. . . . . . . . . . . . . . 46

    Review Questions.. . . . . . . . . . . . . 47

    Answers to Review Questions. . . . . . . . . . 50

    End-of-Chapter Projects.. . . . . . . . . . . 51

Chapter 3 Protocols for the Internet of Agents.. . . . . . . . . 55

    The Agent2Agent (A2A) Protocol . . . . . . . . . . 55

    The Agent Communication Protocol (ACP). . . . . . . . 64

    Agent Name Service (ANS): A Secure Universal Directory. . . . . 66

    AGNTCY: Building the Foundational Stack for an Internet of Agents.. . . 69

    Summary. . . . . . . . . . . . . . 71

    Review Questions.. . . . . . . . . . . . . 72

    Answers to Review Questions. . . . . . . . . . 74

Chapter 4 Orchestration with LangChain, LangGraph, and LlamaIndex. . . 75

    Introducing LangChain. . . . . . . . . . . . 76

    Using LangGraph Agent Workflows.. . . . . . . . . 78

    Introducing LlamaIndex.. . . . . . . . . . . 87

    Choosing Your Framework.. . . . . . . . . . . 89

    Summary. . . . . . . . . . . . . . 91

    Review Questions.. . . . . . . . . . . . . 92

    Answers to Review Questions. . . . . . . . . . 94

Chapter 5 Exploring CrewAI, n8n, Apache Airflow, OpenAI Agent Builder, and Other Agentic Frameworks.. . . . . . . . . . 95

    CrewAI: The Power of Role-Based Collaboration. . . . . . . 96

    n8n: Visual Workflow and Low-Code Automation. . . . . . 101

    Apache Airflow.. . . . . . . . . . . . . 116

    Langflow: Visual Orchestration and Deployment for GenAI.. . . . 121

    The OpenAI Agent Platform.. . . . . . . . . . 122

    Summary. . . . . . . . . . . . . . 125

    Chapter Review Questions.. . . . . . . . . . . 126

    Answers to Review Questions. . . . . . . . . . 128

Part II Applications and Security

Chapter 6 The Architects Cockpit: AI-Powered IDEs and Coding Agents.. . . 131

    Defining the Modern AI Coding Agent. . . . . . . . 131

    A Comparative Analysis of Leading AI Coding Agents.. . . . . 139

    Establishing Enterprise-Grade Evaluation Criteria. . . . . . 154

    Project CodeGuard: Dont Let Your AI Agents Introduce Security Vulnerabilities.. 156

    Summary. . . . . . . . . . . . . . 158

    Chapter Review Questions.. . . . . . . . . . . 159

    Answers to Review Questions. . . . . . . . . . 161

    Project 6-1: Using Project CodeGuard to Create More Secure Code. . . 162

Chapter 7 Building an Autonomous SOC Analyst. . . . . . . . 165

    The Crisis in Modern Security Operations. . . . . . . . 166

    Anatomy of an Autonomous SOC Analyst.. . . . . . . . 167

    Building the Foundation: Technical Implementation.. . . . . . 171

    Advanced Implementation Patterns. . . . . . . . . 197

    Summary. . . . . . . . . . . . . . 210

    Chapter Review Questions.. . . . . . . . . . . 211

    Answers to Review Questions. . . . . . . . . . 212

    Project 7-1: Building Your Own Autonomous SOC Analyst. . . . . 213

Chapter 8 Agentic Penetration Testing, Red Teaming, and Bug Bounties. . . 215

    Real-Life Attacks.. . . . . . . . . . . . . 216

    Case Study: Using LangGraph and n8n for Cyberattacks and Espionage.. . 218

    Building Penetration Testing Agents with LangChain and LangGraph. . 221

    Agent Skills for Offensive Security.. . . . . . . . . 240

    Summary. . . . . . . . . . . . . . 251

    Chapter Review Questions.. . . . . . . . . . . 252

    Answers to Review Questions. . . . . . . . . . 254

Chapter 9 AI Agents for Business Leaders and Project Managers.. . . . 255

    Understanding AI Agents from a Cybersecurity Leadership Perspective.. . 256

    Strategic Applications of AI Agents for Cybersecurity Leaders.. . . . 256

    AI Agents for Cybersecurity Project Management.. . . . . . 260

    Case Studies.. . . . . . . . . . . . . 262

    Summary. . . . . . . . . . . . . . 265

    Chapter Review Questions.. . . . . . . . . . . 266

    Answers to Review Questions. . . . . . . . . . 267

Chapter 10 Securing Agentic AI Systems. . . . . . . . . . 269

    The Unique Security Challenges of AI Systems. . . . . . . 269

    The Coalition for Secure AI (CoSAI).. . . . . . . . . 273

    The CoSAI Risk Map: Understanding AI Security Risks.. . . . . 273

    Security Controls for AI Systems.. . . . . . . . . . 281

    AI Supply Chain Security. . . . . . . . . . . 289

    AI Incident Response Framework.. . . . . . . . . 293

    Agentic AI Architecture Security Patterns. . . . . . . . 298

    Provider Versus Consumer Responsibilities. . . . . . . . 301

    Regulatory and Compliance Considerations. . . . . . . 303

    Case Studies and Lessons Learned.. . . . . . . . . 304

    MITRE ATLAS.. . . . . . . . . . . . . 306

    OWASP Top 10 for Agentic Applications. . . . . . . . 308

    The MAESTRO Threat Modeling Framework.. . . . . . . 312

    Summary. . . . . . . . . . . . . . 326

    Chapter Review Questions.. . . . . . . . . . . 327

    Answers to Review Questions. . . . . . . . . . 329

    End-of-Chapter Exercises.. . . . . . . . . . . 332

9780135589854, TOC, 4/22/26

Submit Errata