APWG eCrime 2025 Training Sessions
Expert trainers from APWG member institutions and research correspondents assemble on Monday between 12:00 and 5:30 for sessions on agents systems, modeling for anti-abuse systems, AI defense systems and home-brewed Open Source Intelligence
3:00-5:30 PM / Room Assignment: Britannia
How to Build Agentic Systems to Automate Web Security
Mohamed Nabeel, Palo Alto Networks
AI agents are revolutionizing by automating complex workflows and taking actions autonomously. Cyber security analysts and researchers spend considerable time and effort to manually analyze web pages, which cannot be resolved using existing detectors, to assess if they are malicious/phishing. What if we can use AI agents to autonomously assess such pages? In this workshop, starting from the preliminaries of generative AI, we show how to build an agentic AI system using the LangGraph framework. The audience will be introduced to the foundational concepts of LLMs, prompting LLMs and LLM agents. Diving deeper, we will explore popular agent planning patterns such as reflection and ReAct (Reason and Acting) and agent tool calling with MCP (model context protocol), agent communication via A2A (agent to agent), agent evals (evaluations) and securing agents. Equipped with these concepts, we will dive into building a practical secure agentic system using a popular LLM development framework called LangGraph. We plan to share valuable experience and lessons we learnt by building several agentic systems for the security domain. The knowledge gained during this session could be applied to a wide variety of cyber security tasks such as threat hunting, cyber threat intelligence, and vulnerability analysis.