Agentic Frameworks: Practical Considerations for Building AI-Augmented Security Systems

Traditional security automation faces significant challenges in adapting to the dynamic and nuanced landscape of modern cyber threats. This paper focuses on bringing practical agentic solutions to the security industry by exploring how agentic frameworks can fundamentally transform detection engineering workflows.

Drawing parallels from sequential diagnosis in medicine, the paper illustrates an iterative investigation approach where autonomous AI agents dynamically gather evidence, reason, and adapt their behavior to significantly enhance alert triage, contextual enrichment, and detection rule creation/tuning.

Key topics covered include:

Core agent design and implementation
Structured input/output with schemas
Tool integrations and strategies for agents
Model Context Protocol (MCP) for enhanced tooling
Retrieval Augmented Generation (RAG) and agent memory
LLM safety: guardrails and safety layers
Orchestration and state management workflows
Evaluation and continuous improvement

This work serves as a comprehensive guide for security professionals and engineering teams, empowering them to implement best practice, AI-augmented security solutions capable of decision-making and adaptive threat responses in real-world environments.

Download the full paper: Agentic Frameworks PDF