BSidesPDX-2025

Towards Agentic Incident Handling
2025-10-25, Talk 2

As automation and orchestration become key components in security operations, their limitations are becoming equally apparent. Static workflows and predefined playbooks often fall short when facing novel threats or when responders are overwhelmed by false positives and incident fatigue. Agentic solutions, in which large language models (LLMs) operate as autonomous or semi-autonomous agents, then arise as a promising evolution.

This talk will explore the spectrum of AI-enabled assistance, starting with simple LLM usage for text-based tasks and moving toward autonomous multi-agent systems designed to handle complex, dynamic security scenarios. We will highlight both the opportunities and the challenges: while LLMs are accessible through simple chat interfaces, applying agentic solutions to real-world incident handling requires thoughtful orchestration, integration with tools, and recognition of inherent limitations.

Examples will be provided, including email security agents implemented on top of workflow orchestration frameworks.

Attendees will gain insight into the technical, operational, and human factors needed to responsibly adopt agentic solutions in security. By the end, they will better understand how to balance ambition with practicality, and how to begin experimenting with agent-driven incident response in their own environments.
Incident responders, threat analysts, threat researchers, SOC managers, and practitioners interested in the intersection of AI, agents, and security.

Cristian Fiorentino is a Systems Engineer with over 20 years of professional experience in designing, building, and securing enterprise distributed systems. He specializes in cybersecurity and security detection systems, with a career spanning app-sec, security validation and architecture, as well as incident handling, automation and threat detection.

As an enthusiast of artificial intelligence, he is particularly interested in the intersection of AI and security, exploring how agentic systems and large language models can enhance detection, response, and resilience.